Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

SOAR

The latest News and Information on Security Orchestration, Automation and Response.

Lift Your Spirits With Splunk SOAR

Halloween is just around the corner and we’re looking forward to trick-or-treating, donning our best costumes, and watching movies. A few of my favorite movies that I watch around Halloween time remind me of our most recent Splunk SOAR updates. Is that a stretch? Possibly. But hey it’s Halloween, let’s have some fun and I’ll try to make it as humerus as possible 💀

Splunk SOAR Feature Overview: Visual Playbook Editor + Input Playbooks

Splunk SOAR’s new, modern visual playbook editor makes it easier than ever to create, edit, implement and scale automated playbooks to help your team eliminate security analyst grunt work, and respond to security incidents at machine speed. Now, anyone can automate, allowing your team to achieve faster time to value from your SOAR tool. In this demo, we'll show you how to build an "input playbook". Input playbooks are used to automate simple IT and security tasks, and can then be leveraged as part of larger, more complex playbooks for a more modular approach to automation.

Sumo Logic recognized as a Leader in the GigaOm Radar Report for Security Orchestration, Automation, and Response (SOAR)

Everyone here at Sumo Logic is thrilled to announce our inclusion as a Leader and Outperformer in the 2021 GigaOm Radar Report for Security Orchestration, Automation, and Response (SOAR). We’re excited that our Cloud SOAR solution is getting this recognition and we’re confident that this is just the beginning. We are even more motivated to keep on innovating and molding Cloud SOAR into a solution that will pave the way for the future of the modern SOC.

Splunk SOAR Feature Overview: Apps

Splunk SOAR apps are the integration points between Splunk SOAR and other security technologies. Through apps, Splunk SOAR directs your other security tools to perform actions, such as direct VirusTotal to check file reputation or Cisco Firewall to block an IP. Splunk SOAR’s app model supports integration with over 350 tools and over 2100 different actions. All Splunk SOAR apps are available on Splunkbase.

Splunk SOAR Feature Overview: App Editor

A common task on the Splunk SOAR platform is installing a new app, or updating existing apps. Apps extend the Splunk SOAR platform by integrating third-party security products and tools. With the Splunk SOAR App Editor, you can create, edit, and test apps all from one place, making the app development experience easier and faster than ever. We currently offer more than 350 premade apps that are accessible right now.

How Cloud SOAR mitigates the cybersecurity skill gap problem in modern SOCs

Even though the cybersecurity skill gap dropped for the first time in recorded history in 2020, it is still one of the most pressing problems in the industry. Demand continues to eclipse the supply of skilled cybersecurity professionals. The scarcity of qualified security workers with the right skill set, experience, and talent means that critical vulnerabilities turn many organizations into sitting ducks in the eyes of hackers.

Splunk SOAR Feature Video: Case Management

Case management functionality is built into Splunk SOAR. Using workbooks, you can codify your standard operating procedures into reusable templates. Splunk SOAR supports custom and industry standard workbooks such as the NIST-800 template for incident response. You can divide tasks into phases, assign tasks to team members, and document your work.