SOAR

The latest News and Information on Security Orchestration, Automation and Response.

Micro Lesson: Cloud SOAR Automated Responder Knowledge (ARK)

May 10, 2023 By Sumo Logic In Sumo Logic

Learn more about Cloud SOAR's Automated Responder Knowledge (ARK) feature, which uses machine learning to dynamically suggest playbooks in response to incidents, based on other similar incidents.

View Video

Sumo Logic

Read more about Micro Lesson: Cloud SOAR Automated Responder Knowledge (ARK)

Torq Hyperautomation: The Most Talked About Product at RSAC

May 5, 2023 By Don Jeter In Torq

When you say, “SOAR is Dead,” you’ll get some attention, and that’s exactly what happened at RSAC 2023. But it wasn’t just a statement that created the buzz.

Read Post

Torq

Read more about Torq Hyperautomation: The Most Talked About Product at RSAC

The Devo Platform: An Integrated SaaS SIEM | SOAR | UEBA | AI Solution

May 4, 2023 By Devo In Devo

People or AI? YES. Is your organization equipped to handle today's and tomorrow’s threats with your existing security team or with artificial intelligence? The answer is YES. Yes, to both of them. Yes, to all of it. Whether it’s dealing with the constantly evolving threatscape or the shortage of affordable, available cyber professionals, leadership needs to fill the gap with people and AI. It’s not either/or.

View Video

Devo

Read more about The Devo Platform: An Integrated SaaS SIEM | SOAR | UEBA | AI Solution

Splunk SOAR Playbook of the Month: Tackling Phishing Attempts with Identifier Reputation Analysis

May 3, 2023 By Haythem Hammour In Splunk

Security professionals have become all too familiar with the threat posed by phishing. Whether it’s a convincing looking email asking an employee to click a link to update their login credentials or a surprise text from the CEO asking them to send over gift card codes for a customer, phishing attacks have only continued to grow over the years. For 2023 alone, 33 million data records are expected to be compromised due to phishing attacks.

Read Post

Splunk

Read more about Splunk SOAR Playbook of the Month: Tackling Phishing Attempts with Identifier Reputation Analysis

Automate Reporting for Security Awareness Training Events and Suspicious Email Remediation Management with Cortex XSOAR and KnowBe4

May 1, 2023 By Stu Sjouwerman In KnowBe4

Security teams face unique challenges in today’s rapidly-changing landscape of phishing, malware, and other social engineering and cybersecurity threats. Collaboration across disparate teams and siloed tools adds additional layers of complexity to security teams’ day-to-day operations. When security teams use different systems for simulated phishing, security awareness training, incident response and remediation, it is difficult to track and optimize the full lifecycle of an incident.

Read Post

KnowBe4

Read more about Automate Reporting for Security Awareness Training Events and Suspicious Email Remediation Management with Cortex XSOAR and KnowBe4

SOAR is Dead. Why HYPERAUTOMATION is What's Next.

Apr 20, 2023 By Don Jeter In Torq

Today, Torq transformed security automation forever with the debut of the world’s first enterprise-grade security hyperautomation platform. Why does that matter? I’ll let Gartner explain. It says “Hyperautomation is a business-driven, disciplined approach that organizations use to rapidly identify, vet, and automate as many business and IT processes as possible.” Simply put, it’s the future of security automation, and we’re delivering on its promise, today.

Read Post

Torq

Read more about SOAR is Dead. Why HYPERAUTOMATION is What's Next.

What is SOAR and how does it improve threat detection and remediation?

Apr 19, 2023 By The Redscan Team In Redscan

SOAR (Security Orchestration, Automation and Response) refers to the combination of three different technologies: security orchestration and automation, security incident response platforms (SIRP) and threat intelligence platforms (TIP). SOAR technologies allow organisations to collect and aggregate vast amounts of security data and alerts from a multitude of sources.

Read Post

Redscan

Read more about What is SOAR and how does it improve threat detection and remediation?

New CrowdStrike Falcon Fusion Features Refine Workflow Automation for CrowdStrike Customers

Apr 18, 2023 By Mirza Baig In CrowdStrike

CrowdStrike Falcon® Fusion is a cloud-scale, extensible security orchestration, automation and response (SOAR) framework that’s natively integrated with the CrowdStrike Falcon® platform and available to CrowdStrike customers at no added cost.

Read Post

CrowdStrike

Read more about New CrowdStrike Falcon Fusion Features Refine Workflow Automation for CrowdStrike Customers

Send Your SOAR Events to Splunk

Apr 14, 2023 By Endri Teme In Splunk

During a recent Proof of Concept (PoC) for Splunk SOAR with an existing customer of Splunk Enterprise Security (ES), I was asked if it was possible to send events/containers available in Splunk SOAR to Splunk ES as a Notable Event. While the reverse process of sending ES Notable Events to Splunk SOAR is highly documented, I was surprised to find hardly any documentation about the use case my customer brought up during the PoC. Hence, my cue to write my first ever Splunk blog!

Read Post

Splunk

Read more about Send Your SOAR Events to Splunk

Splunk SOAR Playbooks - Dynamic Identifier Reputation Analysis (Part 1)

Apr 13, 2023 By Splunk In Splunk

The Dynamic Identifier Reputation Analysis playbook is an essential tool for any security operations center (SOC) team looking for a comprehensive view of their environment’s threat landscape. By leveraging MITRE DEFEND's approach for dynamic identifier reputation analysis, SOC teams can quickly identify potential threats and vulnerabilities and take proactive steps towards mitigating risk before it causes damage.

View Video