What’s new in Cymph: Feature release round-up
Discover Cymph's latest features: automated framework coverage analysis, dual-view playbooks, AI-assisted playbook generation, expanded integrations, and more.
We're constantly shipping new features and improvements to make Cymph a more powerful platform for managing security playbooks and operations. This month brings a significant set of updates, from enhanced playbook editing capabilities to expanded integration options and improved security controls. Here's a round-up of what's new.
Mind Maps: Automated Framework Coverage Analysis
Last week, we introduced Mind Maps, one of our most powerful features yet for gap analysis and framework mapping.
Mind Maps automatically correlate your playbooks against security frameworks like MITRE ATT&CK, MITRE D3FEND, MITRE ATLAS, and ISO 27001. What traditionally takes security teams days if not weeks of manual mapping in spreadsheets now happens automatically.
Mind Maps provides instant visibility into your coverage status, identifies gaps in your defences, and recommends playbooks from our playbooks library to address uncovered techniques or allows you auto-generate playbooks using AI. You can create custom presets tailored to your organisation's specific requirements, and any changes to your playbooks are automatically reflected in your coverage analysis.
Dual-View Playbook Management
Playbooks now support two complementary views: text view and workflow view.
Not every security procedure can be effectively encoded as a workflow. Many playbooks are inherently text-based, containing contextual information, decision guidelines, and procedures that don't translate cleanly into executable workflows. Cymph now natively supports both formats, allowing you to choose the right approach for each playbook.
The text view includes a new built-in block-based editor, making it easier to create well-structured, formatted playbook documentation. You can also generate workflows directly from your text-based procedures using AI. For example, if you have a list of actions to take during an incident, Cymph can convert it into an executable workflow automatically.
Expanded Integrations and Import Options
We've added multiple ways to bring existing content into Cymph. Most incident response plans and security playbooks exist either as documents, PDFs, or wiki pages or as machine-readable playbooks. Rather than manually recreating this content, you can now import directly from:
Documents and knowledge management platforms:
- PDF, DOC/DOCX, and plain text files
- Confluence pages
SOAR and automation platforms:
- Cortex XSOAR playbooks (file uploads and direct connections to live instances)
- n8n workflows from live instances
This eliminates the need to rebuild existing security knowledge from scratch.
AI-Assisted Playbook Generation
You can now generate playbooks from natural language prompts. Simply describe what you need, like you would with ChatGPT or any other LLM, and Cymph generates a playbook based on your requirements.
Whether you're creating an incident response plan for a specific threat or documenting a new security procedure, AI-assisted generation provides a starting point that you can refine and customise.
Enhanced Playbook Management
Several additions make day-to-day playbook management more efficient:
- Progress status: mark individual steps or the entire playbook based on its completion status (started, in progress, in review, completed)
- Asset and alert types: Map a playbook with asset and alert types so they can be searched faster and linked with the rest of your tools
- Attachments: Add evidence files and reference documentation directly to playbooks for better context and completeness
- RACI matrix: Define Responsible, Accountable, Consulted, and Informed roles within playbook properties for clearer ownership and accountability
- Bulk operations: Perform actions like duplicate, remove, favourite, download, and watch on multiple playbooks simultaneously
- Trash bin: Restore accidentally deleted playbooks instead of losing them permanently
- Watch list: Monitor changes to playbooks of interest, making it easy to stay updated on critical procedures or playbooks under active development
Automatic Github Backup
Your playbooks can now be automatically backed up to Github on a periodic schedule. This provides disaster recovery protection and meets audit requirements for teams that need version-controlled records of their security procedures.
UI/UX Improvements
The playbook interface has been redesigned for better usability:
- Redesigned tables and import workflows: Streamlined interfaces make it faster to manage and import playbooks
- Tiles view: Browse playbooks visually alongside the traditional table view
- Improved navigation: Easier access to different sections of the platform
Security and Technical Enhancements
Multi-Factor Authentication (MFA) is now available to add an extra layer of account security.
We've also enriched the asset inventory. The platform now supports 100+ asset types for comprehensive asset management.
Get Started
All of these features are available now. If you're already using Cymph, log in to explore the new capabilities.
If you're new to the platform, book a demo to see how Cymph can streamline your security operations and simplify playbook management.
As always, we'd love to hear your feedback on these updates and what you'd like to see next.
