COLLABORATION AND AUTOMATION
Deploy your Defants vSIRT platform to investigate cybersecurity incidents collaboratively and automatically via a dedicated and secure SaaS instance.
To respond effectively to a cyber attack, investigation teams must be highly dynamic.
Defants vSIRT adapts to the location and size of your teams.
Your experts have easy access to the latest investigation data at any time.
TAKE ADVANTAGE OF AUTOMATION
Defants vSIRT is a fully automated solution to support your experts. You can directly deposit your data collections made with tools like DFIR ORC by the ANSSI, FastIR by Sekoïa, and soon Velociraptor. If you do not have these collection tools, you can also submit the collected files directly to be automatically analyzed.
IDENTIFY THREATS FASTER
Accelerate your collection triage with our semantic rules to detect tactics, techniques and standardized procedures with the Mitre ATT&CK framework.
The propagated scores guides you to qualify your collections faster. If needed, you can always inspect the detail and content of your data which always remains accessible.
IMPROVE THE COMMUNICATION WITHIN YOUR TEAMS
Improve the communication and work of your collaborators while optimizing their field of expertise. Each available collaborator can contribute to open tasks and propose new ones and thus optimize the time spent on an investigation.
PUSH THE BOUNDARIES OF INVESTIGATION
Explore your data with semantic queries
Identify threats with or without indicators of compromise
A semantic search might translate as, for example, "A user logged into a computer who executed a PowerShell script containing one or more encoded data."
GO EVEN FURTHER
Interconnect your existing tools to Defants vSIRT by writing your own extensions with the SDK Python based on our API
WITH DEFANTS vSIRT