Swimlane today announced that its cloud-scale, low-code security automation is being adopted by leading U.S. Government agencies to improve overall cybersecurity effectiveness while meeting the requirements of recently-issued Executive Orders M-22-09 and M-21-31.
The Department of Homeland Security Cybersecurity & Infrastructure Security Agency (CISA), along with Executive Orders from the Biden Administration, has mandated several new security directives around Zero Trust, Logging, and Security Orchestration, Automation and Response (SOAR). These government-wide programs have an immediate impact on the expectations and roadmaps for public sector agencies and component agency security programs. Swimlane security automation provides a centralized system-of-record and SOAR capabilities that help agencies meet these requirements while gaining greater visibility into their operations with consolidated analytics, real-time dashboards and reporting from across the security infrastructure.
U.S. public sector agencies have until the end of FY2024 to implement SOAR technology as part of the adoption of Zero Trust principles laid out by the Office of Management and Budget (OMB) in January. The memorandum refers to implementing security automation capabilities as a “practical necessity.”
“As the number of false alarms and genuine threats increases, agencies need an easy-to-navigate solution that allows them to integrate their entire security stack and automate the manual tasks essential to keeping them secure,” said Cody Cornell, co-founder and chief strategy officer, Swimlane, who formerly held roles with the U.S. Defense Information Systems Agency and Department of Homeland Security.
Cornell continued, “Swimlane’s low-code security automation platform can serve as a crucial foundation for meeting these Zero Trust requirements by becoming the security system of record, which means agencies can seamlessly track and automate security processes, cases and reports from a single customizable interface. This comprehensive visibility allows them to overcome resource constraints and respond to threats faster.”
While Zero Trust relies on an agency’s ability to successfully standardize user authentication and ensure every attempted access is validated before granting access to the organization’s network, federal agencies are also tasked with mitigating an ever-growing number of security alerts, disconnected tools and complex processes. Regulating access on such a granular level is a highly complex process. To be successful, security teams must feel confident in the decisions they make while managing their environments. This is why having access to an end-to-end security automation solution that provides security teams with comprehensive visibility and orchestration that can extend beyond the Security Operations Center (SOC) is crucial.
Swimlane works with numerous partners in the federal and public sector, like Merlin Cyber, to deliver a powerful platform that can help agencies solve even the most sophisticated security challenges. According to Merlin Cyber’s 2022 State of Federal Zero Trust Maturity survey, more than 70 percent of federal agencies are aggressively adopting Zero Trust principles.
“The adoption of Zero Trust strategies is most effective when carried out in conjunction with security automation. As government agencies seek to take more extensive steps to secure their attack surface and maximize incident response, Swimlane’s platform being flexible enough to support use cases beyond traditional SOAR makes it a significant asset.”
Miguel Sian, Senior VP of Technology at Merlin Cyber
Swimlane is the leader in cloud-scale, low-code security automation. Supporting use cases beyond SOAR, Swimlane improves the ease with which security teams can overcome process and data fatigue, as well as chronic staffing shortages. Swimlane unlocks the potential of automation beyond the SOC by delivering a low-code platform that serves as the system of record for the entire security organization and enables anyone within the organization to contribute their knowledge and expertise to the protection of the organization.