Overseas SOAR Products: Fido, the Security Orchestration Platform Open-Sourced by Netflix

unix · March 18, 2020 · 271 reads

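FIDO (Fully Integrated Defense Operation) is an orchestration layer that automates incident response handling through evaluation, access, and middleware response. FIDO's main purpose is to take on the heavy manual work of handling today's security stack and the large volume of alerts it generates. As an orchestration platform, FIDO can make more efficient use of existing security tools and reduce the heavy manual work of detecting, notifying on, and responding to network attacks.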

Fully Integrated Defense Operation (FIDO) plays an important role in the defense of the Netflix corporate network. The premise of FIDO is simple... each year companies are receiving an ever-increasing amount of security-related alerts. Instead of hiring more analysts to comb through the endless stream of alerts, we automate the analysis to combat the barrage of information. Simply put, we integrate and then automate the manual human processes by codifying the logic and process used by threat analysts to provide consistent and reliable results. And by making the code configurable, you can customize the categorization, scoring and results of FIDO to accommodate a company's needs.



