5thColumn: Strengthening the Security Assurance Gyre

Top 10 Security Automation Solution Companies - 2019

Automation has made its way into almost every field of technology. Examples range from complex processes like software development to simple operations like filling in forms. However, in recent years, the security sector has seen a rise in demand for automation. A recent Ponemon Institute survey of more than 1,400 IT and IT security practitioners shows that 79 percent of respondents either currently use automation tools and platforms within their organization or plan to use them within the next six months to three years. Thus, security automation has now become more of a necessity than a mere requirement.

Contrary to what the name suggests, security automation means the automation of security-related operations rather than just the automation of security. Over time, though, the term has come to encompass not only the automation of security operations but also the detection and analysis of threats to prevent such risks from occurring in the future. Dealing with rapid onslaughts of cybersecurity threats manually can prove too much for SecOps and security teams, and it is especially taxing when the team has to deal with false positives. Manually resolving a threat and then preparing precautions against it may take hours to months. Security automation takes over repetitive, tedious tasks. It allows security teams to focus their efforts on more valuable tasks like threat hunting, conducting forensics on threats, and strategic planning.

However, like any other technology, security automation has challenges to overcome. Automation can assess the impact of a risk, but not the impact of that risk on overall system performance. It is difficult for SecOps to determine whether mitigating the risk improved the system or had an adverse effect. This problem can be addressed by interlinking system operatives with SecOps to help them understand the impact of the risk on the production line. Though many security operations can be automated, analysts still need to make manual decisions if and when required. To be successful, the security team needs to automate actions rather than decisions.

Despite the challenges, advancements in security automation are progressing rapidly. Solution providers are incorporating AI and machine learning to predict and prevent future threats. Attempts are also being made to combine security information and event management (SIEM) with security orchestration, automation, and response to further improve security in any organization.

Such developments lead to a market saturated with solution providers that specialize in different aspects of security automation. To help organizations find the solution provider best suited for their needs, Enterprise Security Magazine presents our “Top 10 Security Automation Solution Providers 2019.”

    Top Security Automation Solution Companies

  • 5thColumn is led by a simple yet powerful mission: simplifying the infinitely sprawling world of cyber tools and systems, dispelling enterprises' concern over cybersecurity by bringing real-time threat protection and enterprise data security solutions. The company's system-agnostic and flexible security orchestration platform, BOSS™ (Business Operational Security Suite), takes a revolutionary approach to safeguarding an enterprise by gathering all of an organization's tools into a single dashboard. Backed by the prowess of its unparalleled security solutions, 5thColumn plans to continue at the frontline of its clients' cyber-defense initiatives. The company is currently developing a new solution model based on a microservices architecture that will allow broad integration with third-party plug-in modules.


  • As a cybersecurity consulting firm and Microsoft Gold partner, Infused Innovations has placed itself at the intersection of technology, business, data, and human interaction by automating and orchestrating enterprises’ cybersecurity environments. Taking a holistic approach to security by standardizing on the Microsoft cloud security stack, the company helps its clients revamp their approach to security. Furthermore, Infused Innovations works on a zero-trust security framework. The process begins with a security assessment to understand which tools a company is using and how they are utilized. Based on this survey, Infused Innovations draws a security roadmap focused on ‘three zero trust security accelerators’.


  • Refactr provides a DevSecOps platform that gives IT and security teams the power of DevSecOps, enabling them to accelerate their workflow and achieve greater benefits. Refactr was founded by veteran and industry experts in cloud and cybersecurity. The company's goal is to accelerate the cultural shift toward modern DevOps workflows among security and operations teams by providing an all-in-one, highly usable automation platform. The company’s radically simple DevSecOps automation platform allows a company’s IT and security teams to centralize, standardize, and modernize their workflow through IT as Code using the latest in infrastructure-as-code, configuration management, and security automation tools.


  • BackBox


    BackBox is an Ubuntu-based Linux distribution oriented toward penetration testing and security assessment, providing a toolkit for analyzing networks and information systems. It includes a complete set of tools required for ethical hacking and security testing. The main aim of BackBox is to provide an alternative, highly customizable and well-performing system. BackBox uses the lightweight Xfce desktop environment. It includes some of the most used Linux security and analysis tools, aiming at a wide range of goals, from web application analysis to network analysis, from stress tests to sniffing, and also including vulnerability assessment, computer forensic analysis and exploitation. It is a Free Open Source Community Project with the aim of promoting the culture of security in IT environments and contributing to making them better and safer.



    CSPi actively records all data going to and from databases and file shares storing PII data. If those systems have been breached, organizations can search the conversations and locate the exact exposed records. To automate the process, CSPi works with Fortinet’s FortiGate, ingesting the firewall's and IPS’s threat alerts. CSPi actively utilizes the Fortinet API, allowing its system to access FortiManager to pull relevant alerts into its solution and run automated searches for bad actors communicating with the monitored and recorded assets.

  • CyberSponse


    Founded in 2011, CyberSponse offers the premier Security Orchestration and Automation Incident Response (SOAR) solution. The CyOPs™ Platform utilizes CyberSponse’s patented technological process to fill the gap between automation-only and human-dependent security organizations, while also facilitating cross-functional collaboration. Integrate the SOC's entire security stack behind a single pane of glass with unlimited daily actions, fortifying data and maximizing ROI. CyberSponse has sought to develop a platform that aids in preserving the privacy and data integrity of enterprises, regardless of an organization’s size or budget. CyberSponse is backed by a team of self-made entrepreneurs looking to disrupt the security industry through technological innovation and the community-based inclusiveness of their offering.

  • LogicHub


    Founded in 2016 by veterans of SIEM, LogicHub is built on the groundbreaking principle that every decision process for threat detection and response can and should be automated. LogicHub started as a SOAR-only solution that saves time and improves the efficiency of an SOC, offering more to SOAR than simply automating incident response. LogicHub’s founders recognized that legacy solutions mostly created more noise, thus hindering effective threat detection. They set out to solve this problem by creating a security automation platform that doesn’t just orchestrate workflows; it actually mimics the cognitive and intuitive skills of expert analysts to automate decision making.

  • SecureWorks


    Secureworks provides threat intelligence-driven security solutions for organizations to prevent, detect, rapidly respond to and predict cyberattacks. Secureworks Inc. is a United States-based subsidiary that provides information security services, protecting its customers' computers, networks and information assets from malicious activity such as cybercrime. The company has approximately 4,400 customers across 61 countries,[1] ranging from Fortune 100 companies to mid-sized businesses in a variety of industries. It became part of Dell in February 2011 and branched off to become a public organization in April 2016. It is still majority-owned by Dell.

  • Siemplify


    Siemplify was born out of the need for a better, simpler, more effective way to manage security operations. Siemplify was built by security operations experts who spent years honing their skills on the front lines of Israeli cyber intelligence agencies. The founders, Amos Stern, Alon Cohen and Garry Fatakhov, added to that experience by training and improving SOC teams around the globe. Their deep background in SOC management, security analysis and data science, paired with first-hand knowledge of the daily challenges security operations teams face, led to the creation of the Siemplify Security Operations Platform, the industry’s leading independent SOAR platform.

  • SiteLock


    SiteLock is the global leader in website security. The company was founded in 2008 with a passion to make cybersecurity and website security services affordable and accessible to small businesses, a previously underserved market. SiteLock protects over 12 million sites around the world and is one of the top cybersecurity companies in Arizona. The company's mission is to protect every website on the internet and create a world where every one of its communities and its customers can flourish.