The latest News and Information on Security Orchestration, Automation and Response.

Splunk SOAR Playbooks: Conducting an Azure New User Census

Tune in to the Tech Talk to learn how to get started with an account monitoring use case, how our newest community playbook initiates a scheduled review of new accounts created in Azure Active Directory each week, and how your security team should have a good understanding of the frequency and common attributes of newly created accounts.

Cybersecurity Breakthrough Awards Names ThreatQuotient Security Automation Solution of the Year

With thousands of tools and technologies to choose from, navigating through cybersecurity categories and technologies to find a solution that meets your organization’s needs can be challenging. The annual Cybersecurity Breakthrough Awards program helps you solve that problem by aiming to perform the most comprehensive evaluation of cybersecurity companies and solutions on the market today and recognizing the leaders.

Lift Your Spirits With Splunk SOAR

Halloween is just around the corner and we’re looking forward to trick-or-treating, donning our best costumes, and watching movies. A few of my favorite movies that I watch around Halloween time remind me of our most recent Splunk SOAR updates. Is that a stretch? Possibly. But hey it’s Halloween, let’s have some fun and I’ll try to make it as humerus as possible 💀

Splunk SOAR Feature Overview: Visual Playbook Editor + Input Playbooks

Splunk SOAR’s new, modern visual playbook editor makes it easier than ever to create, edit, implement and scale automated playbooks to help your team eliminate security analyst grunt work, and respond to security incidents at machine speed. Now, anyone can automate, allowing your team to achieve faster time to value from your SOAR tool. In this demo, we'll show you how to build an "input playbook". Input playbooks are used to automate simple IT and security tasks, and can then be leveraged as part of larger, more complex playbooks for a more modular approach to automation.

Sumo Logic recognized as a Leader in the GigaOm Radar Report for Security Orchestration, Automation, and Response (SOAR)

Everyone here at Sumo Logic is thrilled to announce our inclusion as a Leader and Outperformer in the 2021 GigaOm Radar Report for Security Orchestration, Automation, and Response (SOAR). We’re excited that our Cloud SOAR solution is getting this recognition and we’re confident that this is just the beginning. We are even more motivated to keep on innovating and molding Cloud SOAR into a solution that will pave the way for the future of the modern SOC.

Splunk SOAR Feature Overview: Apps

Splunk SOAR apps are the integration points between Splunk SOAR and other security technologies. Through apps, Splunk SOAR directs your other security tools to perform actions, such as directing VirusTotal to check file reputation or Cisco Firewall to block an IP. Splunk SOAR’s app model supports integration with over 350 tools and over 2100 different actions. All Splunk SOAR apps are available on Splunkbase.

Splunk SOAR Feature Overview: App Editor

A common task on the Splunk SOAR platform is installing a new app, or updating existing apps. Apps extend the Splunk SOAR platform by integrating third-party security products and tools. With the Splunk SOAR App Editor, you can create, edit, and test apps all from one place, making the app development experience easier and faster than ever. We currently offer more than 350 premade apps that are accessible right now.

How Cloud SOAR mitigates the cybersecurity skill gap problem in modern SOCs

Even though the cybersecurity skill gap dropped for the first time in recorded history in 2020, it is still one of the most pressing problems in the industry. Demand continues to eclipse the supply of skilled cybersecurity professionals. The scarcity of qualified security workers with the right skill set, experience, and talent means that critical vulnerabilities turn many organizations into sitting ducks in the eyes of hackers.