Swimlane announces integration with Microsoft to bolster security automation

Integration enables more Microsoft customers to take advantage of security orchestration, automation and response (SOAR)

DENVER — (Feb. 25, 2019)—Swimlane, a leader in security orchestration, automation and response (SOAR), today announced that it has joined the Microsoft Intelligent Security Association and will integrate Microsoft solutions with the Swimlane platform using the Microsoft Graph Security API. Users can now retrieve alerts from any provider and launch automated workflows from alerts to conduct data enrichment, obtain threat intelligence, remediate threats and perform complex incident response actions.

“Swimlane was founded to deliver scalable, innovative and flexible security solutions to organizations struggling with alert fatigue, vendor proliferation and chronic staffing shortages, and this integration ensures security operations centers can get the most out of available resources and accelerate incident response processes,” said Cody Cornell, Swimlane’s co-founder and CEO. “With more and more bad actors banding together, it is important to pull together security vendors to share intelligence, discuss the latest threats and deliberate about advances in our industry. By joining the Microsoft Intelligent Security Association, Swimlane will be able to share this type of information with other Association members and enhance the capabilities we can extend to our customers.”

Swimlane’s SOAR platform integrates with Microsoft solutions via the Graph API to orchestrate and automate incident response processes across all Microsoft and third-party security platforms, other relevant products and infrastructure. This delivers better threat response capabilities with significantly faster mean time to resolution (MTTR) without adding overhead.

Importing security event data and additional relevant context from Microsoft products into Swimlane via the Graph API and others will deliver consolidated event details from multiple platforms for rapid investigation and alarm triage. This integration ensures that Microsoft’s customers are better able to protect their entire infrastructure through deep integration that delivers comprehensive, centralized and automated incident response.

“We are thrilled about the opportunity to bring Swimlane into the Microsoft Intelligent Security Association, ,” said Ryan McGee, director, Microsoft Security Marketing at Microsoft Corp. “SOAR is gaining steam, and automation will play a key role in determining where the security sector goes from here. Bad actors are joining forces, and security vendors need to align to help defenders protect our digital way of life.”

Microsoft’s security API enables a single point of programmatic access to aggregated security insights from Microsoft and partner security solutions as well as business information from other Microsoft Graph entities (Office 365, Azure Active Directory, Intune and more) that can add valuable context to threat analysis. Beyond streamlining and expediting previously siloed and manual incident response processes through automation and orchestration, additional features of the integration include the ability to obtain all alert details in a consistent format from the Graph Security API as well as the ability to update any Graph Security API alert. Customers can now automatically enrich, categorize, resolve, change the priority of and more for any Graph Security API alert in the Swimlane platform.

Swimlane will be providing demonstrations of its SOAR solution with the Graph integration at booth #6059 at the RSA Conference 2019. For more information about how this integration can benefit your organization, please visit https://swimlane.com/.


Swimlane is at the forefront of the growing market of security automation, orchestration and response (SOAR) solutions and was founded to deliver scalable and flexible security solutions to organizations struggling with alert fatigue, vendor proliferation and chronic staffing shortages. Swimlane’s solution helps organizations address all security operations (SecOps) needs, including prioritizing alerts, orchestrating tools and automating the remediation of threats—improving performance across the entire organization. Swimlane is headquartered in Denver, Colorado with operations throughout North America and Europe. For more information, visit www.Swimlane.com.

Share this article

Share on facebook
Share on twitter
Share on linkedin
Share on email