GDS’s Journey from SOAR to AI-Enhanced Security Automation
2024-11-7 04:8:22 Author: securityboulevard.com(查看原文) 阅读量:3 收藏

Global Data Systems (GDS), an innovative MSP/MSSP providing IT solutions such as offshore satellite, voice, data, and cybersecurity services, adopted a security orchestration, automation, and response (SOAR) platform to enhance their security operations.

Newsletter

AWS Hub

However, it didn’t take long before the platform’s limitations became evident. As GDS’s security posture matured, they realized they needed a more advanced solution to keep pace with evolving threats and align with their unique key performance indicators (KPIs). This led them to Swimlane Turbine, an AI-enhanced security automation platform. The use of Turbine dramatically improved GDS’s SecOps efficiency and transformed the threat response capabilities within their security operations center (SOC).

In a recent interview Tracy Webb, Director of Information and Cybersecurity Operations at GDS, shares how Turbine revolutionized his SecOps team’s ability to manage a greater number of cases effectively. 

Continue reading to discover how GDS went from stuck to streamlined success by replacing their legacy SOAR vendor with AI-enhanced security automation from Swimlane. 

Why Traditional SOAR Didn’t Cut it for GDS

With a small but highly skilled SOC team, GDS had previously relied on a SOAR platform to handle the immense workload associated with supporting internal and client security. But their first SOAR platform couldn’t keep pace with their growing demands. Webb explained that waiting for critical updates and new features left them feeling stuck and unable to stay agile in a rapidly changing threat landscape. Eventually, it became clear that replacing their original SOAR was critical to the success of their security operations. “We could not get the development or feature additions that we needed as quickly as we needed to stay agile and to keep up with the threats that were being faced,” Webb stated. 

That’s when GDS realized they had outgrown their SOAR tool, and it wasn’t good enough.

The Early Adopters of SwimlaneHero AI

Turbine’s Hero AI is a collection of AI-enhanced innovations that combine human and machine intelligence to optimize SecOps workflows and maximize return on investment. This allows SecOps teams to begin making AI-assisted decisions with Swimlane’s Private LLM to elevate their security organization.

For GDS, this was a game-changing capability. As early adopters of Swimlane’s Hero AI, GDS is excited about the possibilities AI brings to their SOC. From streamlining data retrieval to enhancing decision-making processes, AI has already proven invaluable. Webb explained that Hero AI has given his analysts the game-changing ability to ask for exactly what they need and get an easily digestible format back. He envisions even more improvements in the future as the team continues to explore AI’s potential. 

Webb shared, “The excitement for my engineers is that it makes them more powerful analysts and engineers. And for me, all I see is productivity going up and us becoming more deadly in terms of what we can provide to our clients and protecting GDS.” 

Automation and AI… The Deadly Combo in Cybersecurity 

For GDS, adopting Swimlane Turbine wasn’t just about finding a more robust SOAR platform—it was about elevating their entire security program. By focusing on their unique KPIs and leveraging advanced automation and AI, GDS has transformed how they operate, setting a new standard for what’s possible in cybersecurity. As Webb said, with the right tools and a well-trained team, they have accomplished more than they ever thought possible.

“I would recommend Turbine to my peers because in the role of an operational manager,

you simply cannot manage the level of caseload and threats that are thrown at SOC teams without it. I would argue that it’s impossible for any SOC team to not have Swimlane in their environment and be functional for very long.”

  • Tracey Webb, Director of Information and Cybersecurity Operations at GDS

Results that Speak for Themselves

Swimlane versus legacy SOAR enabled GDS to track the KPIs that matter through modular case management and dashboards. Webb emphasized, “The only way that you’re going to measure your operational effectiveness is with a platform like Swimlane, where you can predictively design your playbooks and measure the human costs. Swimlane is the only platform that I’ve used today that does that effectively.”

Since transitioning to Swimlane Turbine, GDS has seen a dramatic shift in its operations. Their SOC team, consisting of just seven engineers, has completed over 5,000 cases—a milestone they never reached with their previous SOAR platform. Webb estimates that without Swimlane’s AI-enhanced security automation, they would need an additional 20 analysts to keep up with the workload. Additionally, the time saved in threat detection and response is staggering. Tasks that used to take hours, like preparing for threat hunts, now take 30 minutes. This allows the team to handle more cases and provide better support to both internal users and clients.

In the end, Swimlane didn’t just meet GDS’s expectations—it surpassed them. As security threats continue to evolve, so too will GDS’s capabilities, thanks to the time-saving, AI-enhanced automation engine that Swimlane Turbine provides.

Request a demo

If you haven’t had the chance to explore Swimlane Turbine yet, request a demo. 

Request a Demo


文章来源: https://securityboulevard.com/2024/11/gdss-journey-from-soar-to-ai-enhanced-security-automation/
如有侵权请联系:admin#unsafe.sh