Blog
Automation For All: Why We Built Flashpoint Automate
Our low-code security automation platform democratizes workflow automation and gives precious time, energy, and resources back to security and threat intelligence analysts
A vision realized
When Flashpoint acquired security automation provider CRFT in late 2020, we did so with a vision in mind: to provide everyone, regardless of experience or technical expertise, with the capability to automate their own security workflows.
Now, it’s become a reality.
On behalf of the entire team, I’m excited to introduce Flashpoint Automate—our low-code security automation platform that allows CTI, SOC, fraud, vulnerability management, and physical security teams to build automated incident response workflows around repetitive security-related tasks.
Now, allow me to tell you about it—why we created it and who will reap its benefits.
The necessity of automation equity
Why we built Flashpoint Automate
We built Flashpoint Automate to level the playing field and democratize workflow automation for security, intelligence, and risk management teams.
Flashpoint customers operate in a wide variety of fields and industries. They’re some of the smartest people we’ve ever met and they’re inherently capable of anything. Many of them, however, just don’t write code.
How Security Automation Bridges the Intelligence-Action Gap
When we ask them why they’re interested in Automate—even when their organization has an existing automation solution in some cases—the responses create an echo: I just want to be able to automate my own workflows so I don’t have to wait on another person to do it.
That’s such an important insight that tells us that non-developers would automate too if given the capabilities to do so. It’s the reason why I moved over to Flashpoint to lead the launch of Automate. Automation equity is the why that drives our team, not the what.
We believe that everyone should be able to create efficiencies for themselves.
What is Flashpoint Automate?
Flashpoint Automate delivers low-code automation capabilities for security-related workflows so analysts can automate repetitive manual tasks, allowing them to perform more rewarding, big-picture work.
Through the Flashpoint Automate interface, you’re able to build automated workflows that visually represent an overall security-related process. In addition to the platform and interface, a continuously growing suite of third-party integrations and capabilities allow you to build the automated equivalent of what you’re performing manually today.
Ultimately, Flashpoint Automate will help organizations address alert fatigue and offset the cybersecurity talent shortage by acting as a force multiplier and accelerant, saving teams time and resources—all of which are in limited supply.
Automation? Don’t I need to be a developer to do that?
When we hear the term “automation,” many of us tend to think about technical skills like coding or some secret invite-only society that controls all the automation skills in the world.
“We built Automate to level the playing field and democratize workflow automation. Everyone, regardless of coding experience, should be able to create efficiencies for themselves.”
— Rob D’Aveta
Executive Director, Automation at Flashpoint
As far as I’m aware, there is no secret society. However, the unfortunate reality is that automating workflows in the security industry continues to be inherently exclusive.
Consider the following road-blocked scenarios:
- Perhaps you’ve got great workflow ideas but you simply don’t have the tools or experience to automate them, so your great ideas continue to be just ideas.
- Or maybe you’re lucky and there’s a person on your team with coding skills who can bring your workflow automations to life for you. What happens when they become inundated with work or leave the organization? What then, if the thing they built winds up breaking?
Creating workflow efficiencies for yourself through automation shouldn’t require you to be a developer.
SOAR, engineering, and unicorn analysts
SOAR (Security Orchestration, Automation, and Response) technologies are powerful and, best of all, they work—provided you’re a developer or a consumer of their output, that is.
SOAR solutions require a team of engineers to perform the care-and-feeding of the platform. But cybersecurity engineers with development experience are, in fact, unicorns; there are simply not enough analysts with coding skills to go around.
As a result, a backlog of work will begin to grow, causing delays that force your organization to operate at a slower pace than you’re willing to accept.
And let’s be clear: This isn’t a knock against engineering teams. They’re great, but they’re a precious commodity with competing priorities that might not be your priorities.
The missing puzzle piece
In a previous role, my teams and I saw ourselves become veritable gatekeepers (we preferred to not say “roadblock”) to workflow automation. In a sense, we were in control of whether or not a team could move faster or focus on higher priority work.
It wasn’t necessarily a position we wanted to be in, so we attempted to democratize the work by training analysts across the 14+ teams we supported to use our SOAR platform. One of those requirements was—yep, you guessed it—coding experience. While we enjoyed some success, it ultimately fizzled out: there were simply not enough analysts with coding skills to go around.
If we had had a low-code automation solution like Flashpoint Automate to supplement our SOAR solution, we could have trained our analysts to be self-enabling.
Put automation to work
Cyber, fraud, and physical security teams can automate repeatable and manual processes using Flashpoint Automate, which works in concert with the Flashpoint Intelligence Platform and numerous other tools in your company’s ecosystem. Sign up for a free demo today and see Flashpoint Automate in action.