What is Demisto?
Single API.
Demisto can increase efficiency by reducing the volume of alerts that require human interaction up to 95%. Automating tasks affords companies the ability to produce faster, more methodical response.
Integration actions
Demisto can remotely launch collections.
Whom is it built for?
Internal IR Teams.
Why is it useful?
The Cyber Triage/Demisto integration allows you to more quickly start an endpoint investigation and make the best use of incident responder’s time because the data will be ready for review when they are assigned to the alert.
Where is it used?
Demisto can automatically launch a Cyber Triage investigation after an alert. Orchestration solutions allow companies to have a faster response because common steps are automated. This means the collection process can be completed without human intervention.
What is the required Cyber Triage version?
Team.
Additional links
*For more information about this integration contact our sales team: sales@cybertriage.com.