Defants
COLLABORATION AND AUTOMATION
Deploy your Defants vSIRT platform to investigate cybersecurity incidents collaboratively and automatically via a dedicated and secure SaaS instance.
To respond effectively to a cyber attack, investigation teams must be highly dynamic.
Adaptability
Defants vSIRT adapts to the location and size of your teams.
Real-time
Your experts have easy access to the latest investigation data at any time.
TAKE ADVANTAGE OF AUTOMATION
Defants vSIRT is a fully automated solution to support your experts. You can directly upload data collections made with tools like DFIR ORC by ANSSI, FastIR by Sekoïa, and soon Velociraptor. If you do not have these collection tools, you can also submit the collected files directly to be automatically analyzed.
IDENTIFY THREATS FASTER
Accelerate your collection triage with our semantic rules, which detect tactics, techniques and procedures as standardized by the MITRE ATT&CK framework.
The propagated scores guide you to qualify your collections faster. If needed, you can always inspect the details and content of your data, which always remains accessible.
IMPROVE THE COMMUNICATION WITHIN YOUR TEAMS
Improve the communication and work of your collaborators while optimizing their field of expertise. Each available collaborator can contribute to open tasks and propose new ones and thus optimize the time spent on an investigation.
PUSH THE BOUNDARIES OF INVESTIGATION
Explore your data with semantic queries
Identify threats with or without indicators of compromise
A semantic search might translate as, for example, "A user who logged into a computer executed a PowerShell script containing one or more pieces of encoded data."
GO EVEN FURTHER
Interconnect your existing tools with Defants vSIRT by writing your own extensions with the Python SDK based on our API.