Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

June 2021

ThreatQuotient

Current Events Have You Worried? Our Program Development Services Can Help.

Jun 29, 2021 By Jonathan Couch In ThreatQuotient

Sometimes the hardest part of any project is getting started. But when it comes to strengthening your security operations program, the escalation of cyberattacks over the last few months have shown us there’s no time to waste. You need to make sure you’re leveraging threat intelligence throughout your security operations to understand your adversaries, strengthen defenses, and accelerate detection and response.

Read Post
splunk

A day in the life of cybersecurity. Splunk customer stories of SOC-cess

Jun 28, 2021 By Matt Davies In Splunk

We have a saying at Splunk. It goes something like “if you’re ever having a bad day, go and talk to a customer”. What organizations around the world are doing with their data and Splunk brings a huge smile and an eyebrow raising, positive “can’t quite believe you’ve done that” very-impressed nod of the head. That’s never more true than with our security customers.

Read Post
splunk

SOARing to the Clouds with Splunk SOAR

Jun 23, 2021 By James Brodsky In Splunk

For years, security practitioners have kicked and screamed about their reality. There are too many alerts to fully investigate and manually resolve every day. There is a massive talent shortage of qualified security professionals across the globe. Then couple that with analyst burnout and siloed security point-products. All of these factors are preventing security operation centers (SOCs) from operating at their full potential, with increased efficiency, performance and speed.

Read Post

SOCtails Episode 4 - Respond Fast to Security Incidents with Automated Playbooks

Jun 22, 2021 By Splunk In Splunk
Investigating and responding to phishing attacks is tedious and time-consuming. Kevin responds to phishing attacks by following a step-by-step manual process catalogued in his "Cybersecurity Playbook." Jeff shows Kevin an easier and faster way to respond using automated playbooks from Splunk SOAR (formerly known as Splunk Phantom).
View Video
splunk

Splunk SOAR Playbooks: GCP Unusual Service Account Usage

Jun 16, 2021 By Philip Royer In Splunk

As organizations increase their cloud footprints, it becomes more and more important to implement access control monitoring for as many resources as possible. In previous playbooks, we have shown examples of AWS and Azure account monitoring, but the series would not be complete without also supporting Google Cloud Platform (GCP).

Read Post
splunk

Understanding Splunk Phantom's Join Logic

Jun 1, 2021 By Olivia Courtney In Splunk

If you’re an active Splunk Phantom user, it’s safe to assume you know what a playbook is. If not, here’s a quick summary: Phantom playbooks allow analysts to automate everyday security tasks, without the need for human interaction. Manual security tasks that used to take 30 minutes can now be executed automatically in seconds using a playbook. The result? Increased productivity and efficiency, time saved, and headaches avoided.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.