1.5. Presentation of Reflex

Reflex is the solution for automation of responses to cybersecurity events offered by Gatewatcher.

It interacts with all the security equipment of the information systems before executing automated processes to process these events.

These automated processes are called playbooks in Reflex.

A playbook is a collection of pre-defined and organized sequences of actions or processes to be used to implement and/or optimize security incident response operations.

Security solutions that Reflex connects to can be, for example, Security Information and Event Management (SIEM), network security tools, data from Threat Intelligence solutions, etc.

For each third-party application on the market to which Reflex must connect, a package is assigned.

For example, the Gatewatcher-NDR package allows:

• To connect Reflex to the GCenter application of the AionIQ Gatewatcher solution

• To retrieve event data, to enrich it or collect alerts, and to respond to them

---