The latest News and Information on Security Orchestration, Automation and Response.

Splunk SOAR Playbooks: Conducting an Azure New User Census

Tune in to the Tech Talk to learn how to get started with an account monitoring use case, how our newest community playbook initiates a scheduled review of new accounts created in Azure Active Directory each week, and why your security team should have a good understanding of the frequency and common attributes of newly created accounts.

Splunk SOAR Playbook - Malware Triage with Crowdstrike and Splunk Phantom

Tune in to the Tech Talk to learn about the combination of CrowdStrike and Splunk Phantom that allows for a smooth operational flow from detecting endpoint security alerts to operationalizing threat intelligence and automatically taking the first few response steps, all in a matter of seconds.

Cybersecurity Breakthrough Awards Names ThreatQuotient Security Automation Solution of the Year

With thousands of tools and technologies to choose from, navigating through cybersecurity categories and technologies to find a solution that meets your organization’s needs can be challenging. The annual Cybersecurity Breakthrough Awards program helps you solve that problem by aiming to perform the most comprehensive evaluation of cybersecurity companies and solutions on the market today and recognizing the leaders.

Lift Your Spirits With Splunk SOAR

Halloween is just around the corner and we’re looking forward to trick-or-treating, donning our best costumes, and watching movies. A few of my favorite movies that I watch around Halloween time remind me of our most recent Splunk SOAR updates. Is that a stretch? Possibly. But hey it’s Halloween, let’s have some fun and I’ll try to make it as humerus as possible 💀

Splunk SOAR Feature Overview: Visual Playbook Editor + Input Playbooks

Splunk SOAR’s new, modern visual playbook editor makes it easier than ever to create, edit, implement and scale automated playbooks to help your team eliminate security analyst grunt work, and respond to security incidents at machine speed. Now, anyone can automate, allowing your team to achieve faster time to value from your SOAR tool. In this demo, we'll show you how to build an "input playbook". Input playbooks are used to automate simple IT and security tasks, and can then be leveraged as part of larger, more complex playbooks for a more modular approach to automation.

Sumo Logic recognized as a Leader in the GigaOm Radar Report for Security Orchestration, Automation, and Response (SOAR)

Everyone here at Sumo Logic is thrilled to announce our inclusion as a Leader and Outperformer in the 2021 GigaOm Radar Report for Security Orchestration, Automation, and Response (SOAR). We’re excited that our Cloud SOAR solution is getting this recognition and we’re confident that this is just the beginning. We are even more motivated to keep on innovating and molding Cloud SOAR into a solution that will pave the way for the future of the modern SOC.

Splunk SOAR Feature Overview: Apps

Splunk SOAR apps are the integration points between Splunk SOAR and other security technologies. Through apps, Splunk SOAR directs your other security tools to perform actions, such as directing VirusTotal to check file reputation or Cisco Firewall to block an IP. Splunk SOAR’s app model supports integration with over 350 tools and over 2100 different actions. All Splunk SOAR apps are available on Splunkbase.