
Swimlane, Elastic partner to deliver an extensible framework for security operations teams


Swimlane, provider of the industry’s leading security automation platform, and Elastic, the company behind Elasticsearch and the Elastic Stack, have partnered to help global security teams break down silos in their security processes, and provide a force multiplier to security operations teams that are perpetually overwhelmed.

This partnership will enhance existing product integrations and jointly develop new capabilities to help security teams be more efficient and effective in protecting their organisations.

The combined power of scale and automation

Key integrations will enable even highly distributed security operations teams to significantly reduce friction associated with context-gathering tasks and threat containment — providing critical time savings that help analysts triage alerts quickly while minimising damage from threats.

Swimlane and Elastic plan further enhancements to the product experience through:

- An extensible framework that extends beyond the security operations centre to other aspects of ITOps, DevOps, Cloud, and more

- Expanded use case support that helps improve key metrics such as dwell time, mean time to resolution (MTTR), and false-positive rates

- Capabilities that bring automation to a wider variety of security data, including real-time enrichment from an extensive ecosystem of integrations

- Improved compliance and audit capabilities to support decision-making and record-keeping

Built on a solid foundation

Swimlane has long provided robust integrations with the Elastic Stack, enabling security teams to optimise incident response, threat intelligence management, and threat hunting. New integrations with Elastic Security will enable SOC teams to leverage expanded support for alert triage, case management, and incident investigation as performed through the Cases and Timeline capabilities within Elastic Security, as well as the ability to automate the management of SIEM analytics based on security events and telemetry.

Combined with the broad visibility provided by Elastic’s massively scalable approach to searching across any data source — security data, observability data, IoT data, and more — customers will benefit from better utilisation of existing security investments.

The importance of transparency in security

Swimlane and Elastic share a strong belief in an open approach to security.

Swimlane offers an extensive set of integrations with the most common security tools of the cloud era, supported by a rich community of users and security experts who openly share best practices in playbook development and incident response.

Elastic prioritises making it easy to integrate and develop functionality using the Elastic Stack. Elastic code is housed in public repositories and the company maintains a commitment to an open development process and transparent and direct engagement with the community.