Many companies have automated systems in place for preventing, detecting, and investigating security incidents, but automating the incident response and mitigation process for networks and endpoint devices has been a tougher nut to crack.
That includes actions such as automatically re-imaging endpoint devices, isolating devices from corporate networks, or shutting down particular network processes in order to quickly and efficiently respond to attacks.