Security | Threat Detection | Cyberattacks | DevSecOps | Compliance


The latest News and Information on Security Orchestration, Automation and Response.

The Devo Platform: An Integrated SaaS SIEM | SOAR | UEBA | AI Solution

People or AI? YES. Is your organization equipped to handle today's and tomorrow’s threats with your existing security team or with artificial intelligence? The answer is YES. Yes, to both of them. Yes, to all of it. Whether it’s dealing with the constantly evolving threatscape or the shortage of affordable, available cyber professionals, leadership needs to fill the gap with people and AI. It’s not either/or.

Splunk SOAR Playbook of the Month: Tackling Phishing Attempts with Identifier Reputation Analysis

Security professionals have become all too familiar with the threat posed by phishing. Whether it’s a convincing looking email asking an employee to click a link to update their login credentials or a surprise text from the CEO asking them to send over gift card codes for a customer, phishing attacks have only continued to grow over the years. For 2023 alone, 33 million data records are expected to be compromised due to phishing attacks.


Automate Reporting for Security Awareness Training Events and Suspicious Email Remediation Management with Cortex XSOAR and KnowBe4

Security teams face unique challenges in today’s rapidly-changing landscape of phishing, malware, and other social engineering and cybersecurity threats. Collaboration across disparate teams and siloed tools adds additional layers of complexity to security teams’ day-to-day operations. When security teams use different systems for simulated phishing, security awareness training, incident response and remediation, it is difficult to track and optimize the full lifecycle of an incident.


SOAR is Dead. Why HYPERAUTOMATION is What's Next.

Today, Torq transformed security automation forever with the debut of the world’s first enterprise-grade security hyperautomation platform. Why does that matter? I’ll let Gartner explain. It says “Hyperautomation is a business-driven, disciplined approach that organizations use to rapidly identify, vet, and automate as many business and IT processes as possible.” Simply put, it’s the future of security automation, and we’re delivering on its promise, today.


What is SOAR and how does it improve threat detection and remediation?

SOAR (Security Orchestration, Automation and Response) refers to the combination of three different technologies: security orchestration and automation, security incident response platforms (SIRP) and threat intelligence platforms (TIP). SOAR technologies allow organisations to collect and aggregate vast amounts of security data and alerts from a multitude of sources.


New CrowdStrike Falcon Fusion Features Refine Workflow Automation for CrowdStrike Customers

CrowdStrike Falcon® Fusion is a cloud-scale, extensible security orchestration, automation and response (SOAR) framework that’s natively integrated with the CrowdStrike Falcon® platform and available to CrowdStrike customers at no added cost.


Send Your SOAR Events to Splunk

During a recent Proof of Concept (PoC) for Splunk SOAR with an existing customer of Splunk Enterprise Security (ES), I was asked if it was possible to send events/containers available in Splunk SOAR to Splunk ES as a Notable Event. While the reverse process of sending ES Notable Events to Splunk SOAR is highly documented, I was surprised to find hardly any documentation about the use case my customer brought up during the PoC. Hence, my cue to write my first ever Splunk blog!

Splunk SOAR Playbooks - Dynamic Identifier Reputation Analysis (Part 1)

The Dynamic Identifier Reputation Analysis playbook is an essential tool for any security operations center (SOC) team looking for a comprehensive view of their environment’s threat landscape. By leveraging MITRE DEFEND's approach for dynamic identifier reputation analysis, SOC teams can quickly identify potential threats and vulnerabilities and take proactive steps towards mitigating risk before it causes damage.