Automatically processes input data from any source (miner) capable of sending syslog, such as SIEMs, firewalls, proxies, servers and other endpoints. By leveraging the built-in parsers it is possible to extract any data and reuse it in various automation tasks.
All the functionality is available hassle-free from the GUI without any scripting skills. There is a built-in parser for any data coming from any source (miner). Interconnector allows a syslog message to trigger an action-type script. That script runs with the input data extracted from the syslog source (miner) and processes the action (such as an API call or a database query) immediately, in real time. An action can be processed automatically or semi-automatically (requiring human approval).
How does it work?
The typical use case is to extract values from syslog and use them as data for API calls during incident handling procedures.
Speed up mitigation time 10x
Legacy manual process
Detection tool sends a malicious IP address to the Security Operation Center
The SOC analyst has to manually verify the IP address against Cyber Threat Intelligence services such as VirusTotal, a MISP database, etc.
If the IP address is reported as malicious or as part of an attacker kit, it is blocked on a firewall by a manual administrator reconfiguration
This process takes minutes and carries a risk of human error. SOC analysts handle tens of similar repetitive tasks every day and struggle with change-management overload.
Synapsa Interconnector automation process
Detection tool sends a malicious IP address to Synapsa Interconnector
Synapsa automatically verifies the IP address against Cyber Threat Intelligence services such as VirusTotal, a MISP database, etc.
Synapsa automatically triggers the appropriate action on the mitigation device
This process takes milliseconds, without the risk of human error or change-management overload. Synapsa has no alert fatigue, no analyst burnout, and works 24/7.
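The automation chain above (parse the syslog alert, enrich the IP against CTI, then either block automatically or hold the action for analyst approval) as an added Python example; it is not Synapsa's code. The syslog lines, the alert format and the static CTI set are constructed stand-ins, and the produced list of auto-blocked IPs is the kind of feed an external dynamic list would consume.

```python
import re
from dataclasses import dataclass

# Constructed sample syslog lines (not from the page): a detection tool reporting
# alerted source IPs, plus an unrelated line the parser must ignore.
SAMPLE_SYSLOG = [
    "<134>Mar 10 12:01:05 ids01 detector[221]: ALERT src=203.0.113.45 sig=malware-c2 severity=high",
    "<134>Mar 10 12:01:07 ids01 detector[221]: ALERT src=198.51.100.7 sig=port-scan severity=low",
    "<134>Mar 10 12:01:08 ids01 detector[221]: ALERT src=192.0.2.77 sig=port-scan severity=low",
    "<134>Mar 10 12:01:09 ids01 sshd[900]: Accepted publickey for ops from 192.0.2.10",
]

# Constructed stand-in for a CTI lookup (a MISP or VirusTotal verdict);
# a real deployment would query the service for each IP instead.
KNOWN_MALICIOUS = {"203.0.113.45", "198.51.100.7"}

# Alert format assumed for the constructed lines above.
ALERT_RE = re.compile(
    r"ALERT src=(?P<ip>\d{1,3}(?:\.\d{1,3}){3}) sig=(?P<sig>\S+) severity=(?P<sev>\S+)"
)

@dataclass
class Action:
    ip: str
    signature: str
    severity: str
    mode: str  # "auto" (block now) or "approval" (wait for an analyst)

def parse_alert(line):
    """Extract ip/sig/sev from one syslog line, or None if it is not an alert."""
    m = ALERT_RE.search(line)
    return m.groupdict() if m else None

def plan_actions(lines, cti=KNOWN_MALICIOUS):
    """Parse, enrich against CTI, and decide the mitigation mode per alert."""
    actions = []
    for line in lines:
        alert = parse_alert(line)
        if alert is None or alert["ip"] not in cti:
            continue  # not an alert, or CTI did not confirm the IP: no block
        # High-severity hits confirmed by CTI go out fully automated; the rest
        # are queued for human approval (the semi-automatic path).
        mode = "auto" if alert["sev"] == "high" else "approval"
        actions.append(Action(alert["ip"], alert["sig"], alert["sev"], mode))
    return actions

def render_edl(actions):
    """Build the external dynamic list (one IP per line) of auto-blocked IPs."""
    return "\n".join(a.ip for a in actions if a.mode == "auto")
```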
The list is never final. We are constantly developing new integrations.
Next Generation Firewall
Predefined API calls for automated threat mitigation, incident response, and firewall policy auditing
Custom, miner-based and built-in data feeds to use external dynamic lists (EDL) for policy management and enforcement
Fully automated or semi-automated rulesets deployment
CVEs monitoring and alerting
Network Detection and Response, Anomaly Detection System
Predefined miner for network cyber threats and anomalies
Prepared parsers for automated threat mitigation and incident response based on security events detection
Automated creation of IP address data feeds for external dynamic lists usage
Next Generation Firewall with management server
Predefined API calls for automated threat mitigation, incident response and firewall policy auditing
Custom, miner-based and built-in data feeds to use external dynamic lists for policy management and enforcement
Fully automated or semi-automated rulesets deployment
Next Generation Firewall - FortiGate and FortiManager
Predefined API calls for automated threat mitigation, incident response and firewall policy auditing
Custom, miner-based and built-in data feeds to use external dynamic lists for policy management and enforcement
Fully automated or semi-automated rulesets deployment
Intrusion Detection System
Predefined miner for signature based IoCs
Prepared parsers for automated threat mitigation and incident response based on security events detection
Automated creation of IP address data feeds for external dynamic lists usage
Firewall
Predefined API calls for automated threat mitigation and incident response
Fully automated or semi-automated rulesets deployment