A Comparative Look at Vendors Offering Security Automation

While almost every industry today benefits from automation, it’s still relatively new in the cybersecurity field. It’s a service that must adapt quickly in changing environments and evolving threats.

Automation offers opportunities to provide continuous service for repetitive tasks at speed and with fewer mistakes. It can provide continuous support but is still evolving in a changing landscape of security threats. Here we take a comparative look at several of the leading names in security automation – Demisto, Phantom Cyber, Proofpoint and Exabeam.

What are Security Automation Services?
In the cybersecurity industry, automation services address ongoing, repetitive security concerns ranging from data loss to threat detection, breach investigation, security implementation and emergency responses.

In evaluating the right security automation service provider for your organization, here are some important factors to consider:

– type of cyber security automation service offered (incident response for example)
– tracking system
– integration with other tools or platforms
– live support to answer questions or address concerns
– adaptability to evolving threats
– organization’s background expertise and strong suits (data loss prevention, security breach prevention etc.)
– cost of service
– ease of use and deployment

 

Demisto
www.demisto.com
Founded in 2015, Demisto provides automated incident response services.

Pros:
Large community of integrations and resellers, widespread adoption and use.
Provides goal and metric tracking inside the application for better tracking.
Uses historical data and continuously uploads data to leverage data correlation.
Leverages existing systems with their platform through integration to offer better responses to threats.
Has built-in task assignment and chat rooms for teams.

Cons:
Not yet adapted to emerging market threats.

 

Phantom Cyber
www.phantom.us

Founded in 2014, Phantom Cyber provides a community-powered security automation and orchestration platform.

Pros:
Customizable integrations and applications for collecting information.
Adaptable and provides both prebuilt and customizable playbooks.

Cons:
Not as comprehensive as other solutions.

 

Proofpoint
www.proofpoint.com

Founded in 2002, Proofpoint is a public enterprise cybersecurity firm that has recently started offering automated incident response services.

Pros:
Extensive experience (over a decade) as a cybersecurity and compliance company.
Deep, long-standing knowledge and contextual and situational awareness of threats.
Extensive forensic collection.

Cons:
New to automation services.
Lacks extensive integrations available on other platforms.

 

Exabeam
www.exabeam.com

Founded in 2013, Exabeam is an up and coming vendor in the world of security automation.

Pros:
Integration of Exabeam’s own security solutions via its automation platform.
May have the ability to offer a single-product solution in the future.
Effective at data loss prevention, threat detection and breach investigation.

Cons:
New to automation services.
Lacks extensive integrations available on other platforms.

 

Which Automation Security Company Is Right for You?
Ultimately, the deciding factor in choosing an automation security company to provide cybersecurity solutions for your organization must depend upon your organization’s specific needs. Cost may also be a factor. While Phantom Cyber and Demisto offer similar services, Demisto is often less expensive. Perhaps your organization needs a solution that integrates well with your existing platform and applications. These must all be taken into consideration when choosing an automation security company.

About the Authors

Ben Dimick is the manager of information security at Tevora.

Brandon Richardson is an information security associate at Tevora.