Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Easy SOC Automation
What do you like best about the product?
Capability to create new workflows and automations on the fly to resolve niche or one off issues in dealing with Alert triage.
What do you dislike about the product?
Slight learning curve. Starting from scratch is a bit of an undertaking but documentation and support supplement the issue.
What problems is the product solving and how is that benefiting you?
Swimlane allows us to orchestrate and run play books to stream line legitimate alerts that need manual analyst intervention. Swimlane provides us the ability to funnel, shape and enrich alerts to simply action items for our analysts.
- Leave a Comment |
- Mark review as helpful
I use Swimlane for everyday work to investigate and sort cases.
What do you like best about the product?
I like that Swimlane is highly customizable and easy to use. I am able to navigate very easily while effeciently performing my work as well.
What do you dislike about the product?
One of the downsides of Swimlane has to be the stability. Swimlane can sometimes get bogged down due to the amount of system errors.
What problems is the product solving and how is that benefiting you?
Swimlane is grea for organizing our cases. I can effectively use filters to lower the amount of results when attempting to narrow in on a case.
Reliable and intuitive SOAR platform.
What do you like best about the product?
I love the personalization Swimlane offers and how robust it is for each user. I am able to set up my own reports and it works with our SIEM, Elastic, flawlessly. Support from Swimlane is always prompt and we rarely have downtime that significantly affects our work. Any bugs found can be reported and new features are constantly being developed.
What do you dislike about the product?
Initially, there can be a lot going on and it can be confusing until you get comfortable with Swimlane and setting it up in your environment. The process is well worth it and you learn a great deal about the SOAR from the process.
What problems is the product solving and how is that benefiting you?
Swimlane is helping us organize alerts and events from our SIEM.
I have used swimlane as an analyst and have had a little experience working with the backend.
What do you like best about the product?
I like how customizable the tool is and how easy it is to adjust it to your liking. I have ran into a lot of problems with the tools I use to perform my job but have never been able to fix it but with Swimlane, I can easily go in and adjust specific items with ease to perform most efficiently.
What do you dislike about the product?
Swimlane has been slow at times with working through tasks and will sometimes go out while doing my everyday work. This isnt too frequent but can be annoying at times when I have to catchup after the downtime and make up the work on the time I lost.
What problems is the product solving and how is that benefiting you?
Swimlane is helping me to automate my work by giving me a simple and easy-to-use interface to work through cases and be able to function as efficiently as possible. This makes my investigation time quicker and allows me to focus on the more important cases.
Integrations Galore
What do you like best about the product?
I'm especially impressed by its seamless integration capabilities and the customizable dashboard. Support is awesome, Easy to implement simple integrations.
What do you dislike about the product?
The workflow pages can seem cluttered and hard to navigate when it gets complex
What problems is the product solving and how is that benefiting you?
Swimlane is solving many problems to help elminate manual tasks that will free up analyst time to accomplish other things.
Unlimited Security Automation
What do you like best about the product?
Swimlane is extremely easy to learn and the low-code automation allows for seemingly endless automation opportunities across the entire security landscape. The Swimlane platform can integrate with any tool or IT product to enchance the business and provide security monitoring.
What do you dislike about the product?
Swimlane's UI could use some work. It needs a refresh to look less bland and given a more modern look.
What problems is the product solving and how is that benefiting you?
Swimlane automates repeitive tasks and save Security Analysts tons of time so that they don't have to spend all day doing manual tasks. Alerts can be automatically enriched with threat intelligence information from multiple platforms giving users better insights. Automated Incident Response actions provide instant remediation to stop threats as soon as they happen.
Powerful Automation with Swimlane
What do you like best about the product?
Swimlane provides us with a comprehensive view of our entire toolset. With Python, we can creatively brainstorm solutions to problems that were previously unfeasible without the flexibility Swimlane provides. This enables us to respond quickly to various operational issues, compliance problems, and security incidents.
What do you dislike about the product?
We utilize the original Swimlane Platform, which is built around Python. To leverage Swimlane to its fullest potential, having a Python developer to assist with implementation and customization is recommended. While Swimlane offers out-of-the-box integrations, tailoring them to your specific needs is necessary. Swimlane provides professional services to assist with it all. It's worth noting that Swimlane Turbine is a low-code solution that isn't dependent on Python development experience.
What problems is the product solving and how is that benefiting you?
High Mean-Time to Resolution Metric (MTTR):
The primary goal we achieve with Swimlane is the reduction of the Mean-Time to Resolution metric. We can efficiently bring in detections, correlate them into incidents, identify and enrich organizational assets, enhance indicators of compromise with both open and closed-source threat intelligence, address alert tuning requirements, and respond to and remediate incidents when required. By consolidating all relevant information in one place for our analysts and eliminating the need to switch between multiple tools, we effectively reduce the Mean-Time to Resolution metric. This solution addresses several challenges encountered in our Security Operations Center, including dealing with alert fatigue, reducing user errors with data entry, and accelerating the resolution of incidents.
Synchronizing our Alerting Toolset:
When an incident is closed out in Swimlane, it automatically closes all alerts associated with the incident generated by their respective tools. This automation reduces the need for manual intervention and ensures our toolset maintains accurate information. For senior leadership, this provides accurate vendor-specific dashboards based on different tool-specific metrics. For our analysts, it provides a method to locate incidents in Swimlane based on comments left in other tools.
Synchronizing our Threat Intelligence:
When actionable threat intelligence becomes available, we utilize Swimlane to synchronize indicators of compromise with our toolset. This proactive approach detects and prevents activity in our EDR, NDR, SIEM, ESG, etc., based on findings from our own incidents as well as open and closed-source threat intelligence providers. Our analysts can focus on the current alerts and incidents rather than manual tasks like updating lists of indicators.
The primary goal we achieve with Swimlane is the reduction of the Mean-Time to Resolution metric. We can efficiently bring in detections, correlate them into incidents, identify and enrich organizational assets, enhance indicators of compromise with both open and closed-source threat intelligence, address alert tuning requirements, and respond to and remediate incidents when required. By consolidating all relevant information in one place for our analysts and eliminating the need to switch between multiple tools, we effectively reduce the Mean-Time to Resolution metric. This solution addresses several challenges encountered in our Security Operations Center, including dealing with alert fatigue, reducing user errors with data entry, and accelerating the resolution of incidents.
Synchronizing our Alerting Toolset:
When an incident is closed out in Swimlane, it automatically closes all alerts associated with the incident generated by their respective tools. This automation reduces the need for manual intervention and ensures our toolset maintains accurate information. For senior leadership, this provides accurate vendor-specific dashboards based on different tool-specific metrics. For our analysts, it provides a method to locate incidents in Swimlane based on comments left in other tools.
Synchronizing our Threat Intelligence:
When actionable threat intelligence becomes available, we utilize Swimlane to synchronize indicators of compromise with our toolset. This proactive approach detects and prevents activity in our EDR, NDR, SIEM, ESG, etc., based on findings from our own incidents as well as open and closed-source threat intelligence providers. Our analysts can focus on the current alerts and incidents rather than manual tasks like updating lists of indicators.
Overall intuitive platform for case management and automation workflow.
What do you like best about the product?
Ease of use once you are somewhat familiar with the product. Custome applications allow integration with many tools within your environment. Migration and backup tasks are straight forward wiht no issues,
What do you dislike about the product?
Support is sometimes slow to respond. Also had issues with upgrades/pdates failing requiring engineers to diagnose issues.
What problems is the product solving and how is that benefiting you?
Case management for Incident Response. Also helping us with security response actions, cutting down the time our analysts take to espond.
The best Python Runspace
What do you like best about the product?
Place for all my python scripts and basically a database that you can run ad hoc python tasks as you see fit.
What do you dislike about the product?
No preprocessing of alerts and or incoming data.
What problems is the product solving and how is that benefiting you?
Automation of alerts from multiple sources to one source of truth.
Security automation is the way
What do you like best about the product?
It's a 'when there's a will, there's a way' type of product. What you want to achieve can be done using it. We use it to automat repetitive tasks, perform automated rapid response on security alerts and incidents, and centralize majority of security operations through it. It saves a lot of time and hours for us.
What do you dislike about the product?
There isn't much we dislike about it except for update/upgrade process. It's a bit more involved than other products where you just click on upgrade and you are done. But this is just a very minor dislike.
What problems is the product solving and how is that benefiting you?
We are a small team and not stuffed 24/7. Swimlane saves us hours since we are able to automate a lot of processes that would otherwise consume a lot of our team's time. We are also able to rapidly respond on security alerts through automation as well. The time between discovery and response gets cut down to minutes when it comes to certain alerts/incidents.
showing 1 - 10