News

Elastic and Swimlane partner to deliver an extensible framework for the modern SOC

Today I’m happy to share more about our partnership with Swimlane, which further reinforces our commitment to empowering security teams everywhere. Today’s security teams rely on the power of Elastic’s high-speed, cloud-scale analytics to solve their most complex and pressing security issues. Swimlane’s security automation platform provides a way for these same teams to accelerate and optimize their workflows for max efficiency and to solve SOAR use cases. 

Through joint development of key integrations to support SIEM, continuous monitoring, threat detection and prevention, threat hunting, incident response, and more, SOC teams are now able to combine the benefits of high-fidelity detection and alerting delivered by Elastic Security with Swimlane’s robust automation and scalable orchestration. The result: confident decision making and the ability to act at machine speed.

The combined power of scale and automation

This partnership helps security teams to reduce dwell times, MTTR, and false-positive rates while also strengthening their ability to adapt and respond more quickly. Our joint efforts will enable even distributed SOC teams to reduce the friction associated with context-gathering tasks and threat containment — providing time savings to help analysts triage alerts quickly and effectively while minimizing damage from priority threats. 

The visibility provided by Elastic’s massively scalable approach to searching across any data source — security data, observability data, IoT data, and more — coupled with Swimlane’s extensive set of playbooks and workflow and case management capabilities, together deliver a path to higher security ROI and quantifiable improvements in the use of existing security investments.

The importance of transparency in security

The icing on the cake for our security community and customers is that Swimlane and Elastic both maintain a strong belief in an open approach to security. 

Elastic has always prioritized making it easy to integrate and develop functionality using the Elastic Stack. Our code is housed in public repositories with a commitment to an open development process and transparent and direct engagement with our community. A couple examples of this include:

  • Users can get started with the free and open Basic tier, which includes core SIEM functionality and malware prevention
  • We maintain an open /elastic/detection-rules GitHub repository, where you can find publicly available, prebuilt rules that provide coverage for many MITRE ATT&CK® techniques

Swimlane offers an extensive set of integrations with the most common security tools of the cloud era, supported by a rich community of users and security experts who openly share best practices in playbook development and incident response, enabling broad and numerous ways to automate any security use case. 

To our users’ success

This partnership between Elastic and Swimlane brings a great combination of technical and business benefits, all founded on an open approach to implementing the modern SOC. We’re excited to be working together with Swimlane to help our customers operationalize security so that their organizations can succeed more quickly.