Today, Torq transformed security automation forever with the debut of the world’s first enterprise-grade security hyperautomation platform. Why does that matter? I’ll let Gartner explain. It says “Hyperautomation is a business-driven, disciplined approach that organizations use to rapidly identify, vet, and automate as many business and IT processes as possible.” Simply put, it’s the future of security automation, and we’re delivering on its promise, today.

SOAR (Security Orchestration, Automation and Response) refers to the combination of three different technologies: security orchestration and automation, security incident response platforms (SIRP) and threat intelligence platforms (TIP). SOAR technologies allow organisations to collect and aggregate vast amounts of security data and alerts from a multitude of sources.

CrowdStrike Falcon® Fusion is a cloud-scale, extensible security orchestration, automation and response (SOAR) framework that’s natively integrated with the CrowdStrike Falcon® platform and available to CrowdStrike customers at no added cost.

During a recent Proof of Concept (PoC) for Splunk SOAR with an existing customer of Splunk Enterprise Security (ES), I was asked if it was possible to send events/containers available in Splunk SOAR to Splunk ES as a Notable Event. While the reverse process of sending ES Notable Events to Splunk SOAR is highly documented, I was surprised to find hardly any documentation about the use case my customer brought up during the PoC. Hence, my cue to write my first ever Splunk blog!

As security practitioners, we like to read blogs, whitepapers, and even Mastodon “toots” that talk about new or novel threats and vulnerabilities. Recently, our fearless and never sleeping Security Strategist Leader James Brodsky called attention to a blog post from a researcher that highlighted the risks of password disclosure in authentication logs.

Software vendors have loads of high-value data they need to protect — from customers’ personally identifiable information to the company’s intellectual property — so a data breach can be catastrophic. There’s a lot on the line if these types of organizations fall victim to a cyberattack, including fines from regulators or damage to their brand and reputation.

Cyberattacks have intensified over the last few years as threat actors are always improvising their game plan to carry out new and sophisticated methods. Concepts like Ransomware as a Service have made it easy for small threat groups to leverage weaponized services with devastating results for organizations. This highlights how traditional security systems and approaches are no longer able to keep up with the ever-evolving threat landscape.