.jpg)
We're thrilled to announce the availability of Salem 3.0. Salem can now able to respond and take action on threats in under 2 minutes.
The Floating Action Button: Salem Works Where You Work
Salem 3.0 introduces the Floating Action Button where you can bring the power of Salem directly into your browser. Salem intelligently follows SOC analysts to uncover insights during alert investigations, understanding what they are viewing within tool interfaces like Microsoft Defender, SentinelOne, Crowdstrike, and Splunk. This means you can:
- Instantly view automatically enriched data, threat analysis, and response options, all right in the your existing workflow and portals.
- Input relevant investigation details back into Salem without ever leaving your browser window.
This feature transforms how you conduct investigations, ensuring you can enrich your analysis on the fly without ever breaking your stride. By intelligently bringing critical alert context and capabilities directly to your browser, it eliminates workflow interruptions that typically plague alert triage.
The Run Action Button: From Insight to Response in a Single Click
Closing the loop on detection and response, Salem 3.0 also unveils the powerful Run Action Button. For the first time, we now have user-directed response actions in third party systems that can now be done directly from Salem's threat notification.
With the Run Action button, your entire workflow, from initial investigation and analysis all the way to response, can now be completed within Salem:
- Isolating hosts
- Reset passwords
- Updating case management tools
- Allow/block domains
What's more, the Run Action button empowers analysts to automate tasks given similar conditions. Perform an action once and then instruct Salem to automatically apply it in similar situations in the future.
The impact: Now, not only does Salem find you where you are to tell you something that happened, but now you can take an action directly within Salem, lowering your MTTR even more.
