Swimlane Marketplace simplifies automation for security teams

Swimlane announced the Swimlane Marketplace, a full-stack modular marketplace for security automation.

The Swimlane Marketplace goes beyond the typical marketplace by facilitating seamless integration and simplifying automation, empowering organizations to streamline security operations (SecOps) across any technology stack or use case with bespoke solutions.

Swimlane Turbine redefines the future of SecOps by automating threat detection and incident response (TDIR) workflows across infinite integration sources. Now, with the Swimlane Marketplace, it is easier to automate with a vast and dynamically expanding library of connectors, an unmatched variety of widgets, reusable components, and pre-built solutions that address complete end-to-end use cases.

Turbine connectors are fully customizable, offering unparalleled flexibility for seamless integration with any API within the security environment. The Swimlane Security Operations Center (SOC) Foundations Bundle, available in the marketplace, harnesses industry best practices for automating phishing, alert triage, threat intelligence, case and incident management into a purpose-built solutions package that can be implemented in two weeks or less.

“Swimlane is reimagining how a marketplace should be built,” said James Brear, CEO of Swimlane. “The Swimlane Marketplace is more than just playbooks and widgets – it was created to simplify automation and offer today’s organizations actual solutions. We are arming security teams with the largest toolbox of seamless integrations, pre-built solutions and an infinite library of content.”

Simplify security management with curated automation solutions

While most marketplaces offer packs of automation actions, Swimlane takes it further through a carefully curated series of playbooks, applications, dashboards, and reports incorporated into pre-built solutions for an end-to-end use case. Swimlane Marketplace use cases take the guesswork and building burden off of customers, providing them with the resources they need to start automating their SOCs. These use cases include phishing, case and incident management, and alert triage for SIEM, EDR, and XDR.

Automation use cases are inherently collaborative, needing to extend across teams and technology. To address this need, the Swimlane Marketplace introduces the concept of automation extensions which are purpose-built applications for enhanced functionality. Extensions that serve as the foundation for effective SOC teams include:

• Multi-vendor threat intelligence: Extends indicator of compromise (IOC) enrichment and normalization across infinite threat intelligence sources, complete with its own threat intelligence metrics dashboard.
• Hero AI crafted prompts: Harness the power of Swimlane’s Hero AI to use information from alerts, cases, intelligence, or automation pipelines in human-readable prompts to the Swimlane large language model (LLM).
• Collaboration extension: Empowers practitioners with seamless communication experiences by integrating Turbine with messaging systems to trigger action-based messages to seamlessly approve, confirm, deny, or request contact about security incidents.

“The Swimlane Marketplace represents a turning point for the SecOps community,” said Cody Cornell, Chief Strategy Officer of Swimlane. “By enabling collaboration and knowledge sharing, we’re empowering security professionals to collectively build a robust library of automations and best practices. This will ultimately lead to a future where the SecOps community itself drives innovation and sets the standard for security automation excellence.”

Components and widgets provide real-time visibility into KPIs that matter most

Swimlane automation tools are pre-built pieces of functionality that can be dropped into Turbine making it ultra-simple and fast to build solutions for any use case, in or beyond the SOC. As part of this offering, security teams can now automate faster than ever with Turbine components. These pre-built building blocks slot seamlessly into the Turbine Canvas low-code playbook building studio, empowering teams to construct security solutions in real-time.

Unlike any other product in the market, Swimlane Turbine provides a full stack of low-code capabilities, not just playbooks and integrations. With the ability to use self-service low-code automation tools, customers can create dashboards, reports, visualizations, and apps for users inside and outside the SOC.

Security teams use low-code widgets to tailor-fit the Turbine UI to their organization’s unique requirements and preferences. This unlocks a whole new level of personalization and customization to enhance interactivity, user satisfaction, engagement, and collaboration. A rapidly growing list of widgets that offer actionable insights for informed decision-making is already available. Popular widgets among Swimlane customers include:

• MITRE ATT&CK heatmap: Use an out-of-the-box widget to operationalize industry best practices by mapping specific cases and incidents to the relevant items in the MITRE ATT&CK Framework.
• MTTD, MTTR, dwell time dashboard: Add mean time to respond (MTTR), mean time to detect (MTTD), and dwell time metrics for your cybersecurity use cases to Turbine dashboards to enhance compliance reporting and drive continuous SOC improvement.
• Task checklist widget: Dynamically triggers tasks with hierarchical subtasks to streamline and optimize incident management. This widget features attributes such as priority level, due dates, description, and owners that can be customized to suit specific requirements and workflows.

“Recorded Future is excited to be a featured partner in the Swimlane Marketplace,” said John Searby, VP of Channels & Alliances at Recorded Future. “Security teams are increasingly integrating Threat Intelligence with Security Automation and Orchestration to realize greater efficiency, improve resiliency, and enable high-confidence decision-making. The combination of Swimlane’s centralized pre-built solutions, automation tools and knowledge sharing with Recorded Future Intelligence will enable our mutual customers to materially reduce risk and improve their security postures.”

“Dataminr is pleased to be a featured partner in the next-generation Swimlane Marketplace,” said Shimon Modi, VP Product Management at Dataminr. “Through a Dataminr connector, Swimlane Turbine customers are gaining access to Dataminr’s real-time AI platform for event, risk and threat detection. This will enable them to automate critical security tasks and more proactively detect and respond to external cyber threats to their digital assets, third-party vendors and physical infrastructure.”