The automated responses can be made granular based on parameters you define. For instance, you would want to treat an executive's account and computer differently than you would treat a lower-level worker's. Moreover, the system can work on numerous incidents in parallel, so even if you have hundreds or thousands of alerts in a day, AIRS can work them simultaneously to shut down threats before they can do damage.
When the system is in fully automated mode, it typically takes just minutes from the time the detection system raises an alert to the time an incident is remediated. Hexadite's CEO says the Automated Incident Response Solution can shorten the time to problem resolution by up to 95%.
AIRS is deployed as a virtual appliance. If there are remote offices or multiple segments to the network, Hexadite offers virtual relay servers to provide better coverage. Proprietary tools are deployed on demand, so there is no need to install anything on the endpoints. Overall, AIRS looks to have been built from the ground up to be a lightweight solution that can integrate via API with most detection systems.
As attacks become more frequent and threats grow more serious, the only way that organizations will be able to stay on top of security is with automation. You already use automated detection tools; the next logical step is to deploy automated responses as a complement to your human Computer Incident Response Team.