Some days, it can feel like the influx of vulnerabilities will never end. Despite having a vulnerability management tool, you can’t seem to unbury yourself from the pile of alerts, leaving your to-do list hopelessly long. Fortunately, automation and orchestration can help you streamline workflows so you can become more efficient and effective at identifying and addressing issues.
In this post, we’ll cover four ways to leverage security orchestration and automation (SOAR) to improve your vulnerability management program and save time in the process.
1. ChatOps-driven efficiency
The more systems, applications, and endpoints you monitor, the more alerts you can expect to receive. However, many of these alerts get lost in your inbox or otherwise overlooked, leaving serious vulnerabilities open for exploit. Security orchestration and automation can send alerts from vulnerability management solutions like InsightVM (which are designed to sort out false positives) to specific channels in Slack or Jira, ensuring better visibility and faster remediation. This is called ChatOps.
For example, you could set up a workflow so that if an externally-facing asset has SMB turned on, it gets sent to a specific Slack channel, where the right people who can take action on it will see it.
This provides a central location for all notifications so that teams aren’t stuck having to log in to multiple tools (thus elevating visibility). Then, when an alert comes in, SOAR can kick off a secondary workflow to automate the orchestration of the work.
2. Threat intelligence
Threat intelligence can give c ..
Support the originator by clicking the read the rest link below.
