Splunk SOAR Demo Video
Watch this demo to learn more about key capabilities of Splunk SOAR, including orchestration, automation, playbook development, case management, and collaboration functionality.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
The latest News and Information on Security Orchestration, Automation and Response.
Splunk SOAR Feature Video: Playbooks
Splunk SOAR playbooks automate security and IT actions at machine speed. Playbooks execute a sequence of actions across your tools in seconds, vs hours or more if you perform them manually. Splunk SOAR comes with 100 pre-made playbooks out of the box, so you can start automating security tasks right away. Splunk SOAR’s visual playbook editor makes it easier than ever to create, edit, implement and scale automated playbooks to help your business eliminate security analyst grunt work. *Users can build and edit playbooks in the original horizontal visual playbook editor, or the vertical visual playbook editor introduced in August 2021.
Legacy vs. Modern Cloud SOAR-Powered SOC
Those who don’t move forward are moving backward. This saying particularly holds true in the cyber security world, as the constantly evolving threat landscape puts enormous pressure on traditional SOC teams. Most traditional SOC teams are understaffed, lack specific skills and are overworked.
How to Assess and Up-level Your Organization's Maturity for SOAR, Gartner's Take
Earlier this year, Gartner published its latest research on the Security Orchestration, Automation and Response (SOAR) market in a report entitled, “Is Your Organization Mature Enough for SOAR?”. We’ve been talking to clients about this very subject and agree with Gartner that SOAR tools can increase SecOps efficiency and consistency, provided organizations have laid the proper groundwork.
Splunk SOAR Feature Video: Custom Functions
Splunk SOAR’s custom functions allow shareable custom code across playbooks and the introduction of complex data objects into the playbook execution path. These aren’t just out-of the-box playbooks, but out-of-the-box custom blocks that save you time and effort. This allows for centralized code management and version control of custom functions providing the building blocks for scaling your automation, even to those without coding capabilities.
Splunk SOAR Feature Video: Contextual Action Launch
Splunk SOAR apps have a parameter for action inputs and outputs called "contains". These are used to enable contextual actions in the Splunk SOAR user interface. A common example is the contains type "ip". This is a powerful feature that the platform provides, as it allows the user to chain the output of one action as input to another.
Splunk SOAR Feature Video: Investigation Command Line
When you're on the Splunk SOAR investigation page, there are several ways to run actions. One of the easiest ones is to use the command line, down where you would write comments in the event. If you start off with a slash (/) you get prompting for the action you would like to choose.
Splunk SOAR Feature Video: Create a Manual Event
If you haven’t done anything on your Splunk SOAR instance yet you'll see zeros across the top in what we call the ROI summary. So how do you get started creating events in Splunk SOAR?
Splunk SOAR Feature Video: Configure Third Party Tools
To get started in Splunk SOAR, you will need to configure an asset. Assets are the security and infrastructure assets that you integrate with the Splunk SOAR platform, like firewalls and endpoint products. Splunk SOAR connects to these assets through apps. Apps extend the platform by integrating third-party security products and tools.
Splunk SOAR Feature Video: Install/Update Apps
A common task on the Splunk SOAR platform is installing a new app, or updating existing apps. Apps extend the Splunk SOAR platform by integrating third-party security products and tools. We currently offer more than 350 premade apps that are accessible right now.