English 
Crosspoint Solution Inc. (CP-SOL), a provider of managed security services, has begun offering a security operation automation development service that reduces the workload of manual operations.
In the course of daily business activities, many devices and services are used, including PCs, servers, network equipment, security devices, cloud services, etc. These are maintained and operated by the operations departments of each company to ensure their safe use.
Specifically, to address publicly disclosed vulnerabilities, tasks include whitelisting security devices and changing policies, compiling activity reports from device and service logs, etc. Each of these tasks is relatively small and has traditionally been carried out manually by personnel, but with the expansion of the number of security systems and incidents, the volume of work has ballooned to the point where personnel are unable to handle it.
こちらもお読みください: CyLeagueとQuestは、単一企業だけでなく、サプライチェーンのセキュリティを追求します。
While the adoption of SOAR and XDR is progressing primarily in large companies, the current situation is that adoption is slower in mid-sized and small businesses due to the large amount of man-hours and costs involved.To solve this situation, CP-SOL, which provides managed security operations services, has begun offering a “security operations automation development service” that reduces the labor required for manual operations, leveraging its know-how in implementing operational automation and efficiency improvements.
The “Security Operation Automation Development Service” primarily focuses on the parts of business processes that are currently handled manually, and aims to reduce the workload by replacing those parts with mechanical processes. It is also expected that a series of business processes can be simplified by reviewing the business flow and adding mechanical judgments.
As an example, the security operation automation development service can be used to transform whitelist registration and policy change tasks, which have often been performed manually, into a system that reflects the registration and change details requested by field users directly in security devices.
In tasks such as creating required reports using collected logs, the necessary calculations are performed from each log, and the analysis results derived from the calculations are entered in the report as comments, along with graphs, etc. This report creation can also be done with the security operation automation development service, which can automatically calculate logs and automatically include certain comments in the report based on the results derived from the automatic analysis.
Additionally, in order to make more effective use of ServiceNow that has already been introduced in enterprise companies, CP-SOL‘s security operation automation development service also covers the promotion of security operations by integrating security products that have previously been linked to other SOAR products into ServiceNow, as well as providing support for a set of maintenance of existing applications in conjunction with ServiceNow version upgrades, health checks and corrections when upgrading the infrastructure, and new application development.
日本語