Unified Data Layer Enables Continuous Platform Updates
Revelstoke announces several new product upgrades to include sub-workflow, case management, and indicators of compromise (IOC) automation.
Revelstoke offers Chief Information Security Officers (CISOs) and security analysts the only SOAR solution built on a?unified data layer (UDL). Revelstoke automates analysis, eliminates software development needs, optimizes workflows, prevents vendor lock, scales processes, and quickly and effectively allows analysts to get to the root of incidents.
New Revelstoke capabilities include:
Sub-Workflow Replication
Sub-workflows allow analysts to create a repeatable process that can be reused across multiple workflows. For example, if there is a common account lockdown procedure across numerous account types, a sub-workflow allows this functionality to be created once and used in multiple locations. Revelstoke users can containerize reusable objects, saving time and allowing analysts to focus more on mission-critical issues and threats.
Without an automated sub-workflow, analysts must build a workflow every time they repeat a task manually, and organizations cannot create and manage repeatable processes across the board.
Case Management Console
The new Case Management console builds on Revelstoke?s unique case management offerings. The console allows at-a-glance access to all active cases, including functional quick search, pagination, and sorting. Analysts can now view data simply instead of searching through pages and pages of case number listings. In addition, analysts get single-view access to the status of cases to determine those which need attention and those that are remedied.
IOC Database Initiation
Revelstoke now allows analysts to search the entire UDL data store for common entities between cases and incidents. As alerts flow into cases, analysts can discover cases that are similar or have similar indicators. This represents the first step toward a robust IOC database, allowing SOC analysts to search across cases for common IOCs and build correlations.
?The capabilities of Revelstoke?s unique UDL powers a platform that can be upgraded and augmented to meet the evolving needs of Security Operations Centers,? said Josh McCarthy, Revelstoke Co-Founder, and Chief Product Officer.
?We continually focus on ensuring that our customers have access to SOAR automation capabilities not offered by any other platform.?
Additional user interface capabilities include:
- Streamlined Dashboard
- Consolidated Workflow Interface
- Integration Management Console
- New User Preferences including Light and Dark Mode
Multi-Tenancy
Multi-tenancy allows for Managed Security Service Providers (MSSPs), Managed, Detection and Responders (MDRs), and large multi-national enterprise customers to segregate, but still centrally manage individual customers or business units from one “parent” account. Source: revelstoke.io