Google Security Operations Reviews & Insights

Siemplify, now part of Google Cloud is implemented in our IT department to inspect and visualize data to identify breaches and automate manual processes. The automation of processes has minimized the time we need to inspect and fix up security problems. It provides us with a sole pane of glass for SOC to work out of. We scale and carry out a lot of out-of-the-box integrations with multiple software across the single pane of glass.

Siemplify has a structure that is effective for supporting all types of automation and orchestration wants. It is generally designed to give security analysts an easier time; it sends group alerts that categorized according to IP. Provides customized playbooks that we have redesigned to fit the needs of our organization and they provide high quality triage.

We are using Siemplify as out SOAR platform and this has really help us identify all the security events and alerts across the organization.I love the fact how this allows to create custom integrations and connectors when required. The playbook is very handy and how it allows to quickly triage the alerts and also has an option to add threat intelligence prior to analyzing that particular event.

This has an option to integrate with wide range of services and modules. We were successfully able to connect with our firewalls, WAF, network devices, Intrusion detection systems (IDS) and intrusion prevention systems (IPS) along with servicenow to create a ticket and assign it to respective owners to analysis.