High Pace, Large Scale: CFTR Enables Efficient Incident Management with Service Level Agreements

New Feature

Share Blog Post

The Cyware Fusion and Threat Response (CFTR) version 2.4 empowers security decision-makers with an advanced Service Level Agreement (SLA) feature.

How does this feature work?

The Service Level Agreement (SLA) feature allows incident managers to define conditions and time limits for the incident response teams to respond to specific incidents within the stipulated SLAs. Using this feature, incident response managers can define SLAs based on various parameters such as incident type, incident severity, business units affected, and geographic location. This customization also allows incident managers to define SLAs based on their order of priority for incident resolution and enables automated assignment of SLAs to appropriate incidents.

Admins can create two types of SLAs:

Assignment SLA: It covers the triaging phase of an incident and tracks the time from the opening of an incident to the time when it is assigned to a user.
Response SLA: It covers the post-triaging phase of an incident and tracks the time from the assignment of an incident to the closing of the incident.

Setting up the breach limits

To ensure a high SLA compliance, incident managers can also set breach limits along with automated notifications for incident assignees or SOC managers in case an SLA is about to be breached. This feature provides an option to escalate SLA violations by configuring an automated escalation roster, as applicable to the incident. Additionally, users can set a custom order of priority for the applicable SLAs using the “Re-order” function as per the organization’s needs.

Incident management at scale

The SLA feature in CFTR provides several benefits for incident managers and their teams such as:

A bird’s eye view for tracking the performance of the incident response teams through dedicated real-time SLA status tracking widgets on the Dashboard. This enables incident response managers to identify the gaps or shortcomings in crucial metrics, such as Mean-time-to Response (MTTR) and Mean-time-to-Detection (MTTD).
The incident management process, when coupled with the relevant automation, allows service desk teams and analysts to keep an eye on SLA compliance, and improve performance over time. Organizations can further improve SOC maturity by establishing customizable yet consistent incident management processes for teams spread across different business units or geographic locations.

Conclusion

The key to improving incident response operations is through harmony between people, processes, and technology. The CFTR version 2.4 takes a major step in this direction by enabling security teams to bring their own SLAs to meet complex operational requirements and improve the overall cybersecurity posture.

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

Cyber Fusion Center

Intel Exchange

Intel Exchange Lite

Collaborate

Respond

Orchestrate

Threat Intelligence Ecosystem

Solutions for ISACs, ISAOs, and CERTs

Solutions for ISAC, ISAO, and CERT Members

Intel Exchange Spoke

Cyware Browser Extension

Partners & Integrations

Channel Partners

MSSPs

Technology Alliances

Open APIs

MISP

Register a Deal

CywareOne Login

Resources Library

Resource Library

Cyware Labs: Research & Threat Briefings

Security Guides

Free Threat Intel Feeds

Webinars & Videos

Community Resources

Cyware Academy

Contact Us

Leadership

Careers

Cyware in the News

Press Releases

Compliance

High Pace, Large Scale: CFTR Enables Efficient Incident Management with Service Level Agreements

Share Blog Post

How does this feature work?

Admins can create two types of SLAs:

Setting up the breach limits

Incident management at scale

Conclusion

Tags

More from Cyware

The Virtual Cyber Fusion Suite

Explore Solutions

Capabilities

Resource Library

Use Cases