Second Order Security - Episode 7 - SOAR Games: Volume 2
Continuing our playbook building games, Dan and Tom heckle Danny through breaking down a master playbook into modular playbooks. Danny continues to screw up his audio.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
The latest News and Information on Security Orchestration, Automation and Response.
Current Events Have You Worried? Our Program Development Services Can Help.
Sometimes the hardest part of any project is getting started. But when it comes to strengthening your security operations program, the escalation of cyberattacks over the last few months have shown us there’s no time to waste. You need to make sure you’re leveraging threat intelligence throughout your security operations to understand your adversaries, strengthen defenses, and accelerate detection and response.
A day in the life of cybersecurity. Splunk customer stories of SOC-cess
We have a saying at Splunk. It goes something like “if you’re ever having a bad day, go and talk to a customer”. What organizations around the world are doing with their data and Splunk brings a huge smile and an eyebrow raising, positive “can’t quite believe you’ve done that” very-impressed nod of the head. That’s never more true than with our security customers.
SOARing to the Clouds with Splunk SOAR
For years, security practitioners have kicked and screamed about their reality. There are too many alerts to fully investigate and manually resolve every day. There is a massive talent shortage of qualified security professionals across the globe. Then couple that with analyst burnout and siloed security point-products. All of these factors are preventing security operation centers (SOCs) from operating at their full potential, with increased efficiency, performance and speed.
SOCtails Episode 4 - Respond Fast to Security Incidents with Automated Playbooks
Investigating and responding to phishing attacks is tedious and time-consuming. Kevin responds to phishing attacks by following a step-by-step manual process catalogued in his "Cybersecurity Playbook." Jeff shows Kevin an easier and faster way to respond using automated playbooks from Splunk SOAR (formerly known as Splunk Phantom).
Splunk SOAR Playbooks: GCP Unusual Service Account Usage
As organizations increase their cloud footprints, it becomes more and more important to implement access control monitoring for as many resources as possible. In previous playbooks, we have shown examples of AWS and Azure account monitoring, but the series would not be complete without also supporting Google Cloud Platform (GCP).
SOARing w/ Splunk Phantom
Hey kids, do you like automation? Danny chats with Dan Dagget (@sgviking) , @Splunk Community Leader for Phantom & Tom Wise from @Adarma_Security about how to SOAR. What is SOAR? Do you need it? Are you ready to deploy it even if you do need it? How many times will Danny screw up the audio settings like the true professional he is? All answers lie within.
Super Speed with Phantom Slash Commands
Are you the type of person who loves the command-line? Is tab-complete your friend? Do you move faster on a keyboard than with a mouse? Then Phantom Slash Commands are for you!
Understanding Splunk Phantom's Join Logic
If you’re an active Splunk Phantom user, it’s safe to assume you know what a playbook is. If not, here’s a quick summary: Phantom playbooks allow analysts to automate everyday security tasks, without the need for human interaction. Manual security tasks that used to take 30 minutes can now be executed automatically in seconds using a playbook. The result? Increased productivity and efficiency, time saved, and headaches avoided.
Logsign SOAR
The Logsign Security Orchestration, Automation, and Response (SOAR) provides you to streamline your security operations & improve the maturity of your security stack on a centralized and comprehensive platform. Automate your workflows, orchestrate your tools and people, reduce response times.