Latest News

The state of SOAR: What to expect in 2021

2021 is only a month away, and given the turbulent landscape we had in 2020, we can’t help but wonder what the cybersecurity conditions will look like for companies and enterprises in the upcoming year. Year after year, the cybersecurity industry faces new challenges and obstacles, and 2021 will be no different. 2020 proved to be one of the most challenging years, cybersecurity-wise, especially for those companies whose employees suddenly had to switch to remote working.

Deep Dive Into Security Orchestration, Automation and Response (SOAR)

When it first burst onto the cyber security scene back in 2015, SOAR was dubbed by Gartner as a ground-breaking, revolutionary technology in the cyber security industry. Fast-forward 6 years, Security Orchestration, Automation and Response has lived up to those expectations and is rapidly growing its presence, with the SOAR market estimated to exceed $550 million by 2023.

Splunk SOAR: Anyone Can Automate

If you haven’t heard the news, Splunk Phantom is now Splunk SOAR – available both on-prem and in the cloud. What does this mean to you? You can deploy SOAR in the way that best supports your business needs. No matter what deployment you choose, you can automate from anywhere, and truly “SOAR your own way!” Hot on the heels of our cloud release is another exciting announcement: Splunk SOAR’s new Visual Playbook Editor.

How to Assess and Up-level Your Organization's Maturity for SOAR, Gartner's Take

Earlier this year, Gartner published its latest research on the Security Orchestration, Automation and Response (SOAR) market in a report entitled, “Is Your Organization Mature Enough for SOAR?”. We’ve been talking to clients about this very subject and agree with Gartner that SOAR tools can increase SecOps efficiency and consistency, provided organizations have laid the proper groundwork.

Current Events Have You Worried? Our Program Development Services Can Help.

Sometimes the hardest part of any project is getting started. But when it comes to strengthening your security operations program, the escalation of cyberattacks over the last few months has shown us there’s no time to waste. You need to make sure you’re leveraging threat intelligence throughout your security operations to understand your adversaries, strengthen defenses, and accelerate detection and response.

A day in the life of cybersecurity. Splunk customer stories of SOC-cess

We have a saying at Splunk. It goes something like “if you’re ever having a bad day, go and talk to a customer”. What organizations around the world are doing with their data and Splunk brings a huge smile and an eyebrow-raising, positive, very impressed “can’t quite believe you’ve done that” nod of the head. That’s never more true than with our security customers.

SOARing to the Clouds with Splunk SOAR

For years, security practitioners have kicked and screamed about their reality. There are too many alerts to fully investigate and manually resolve every day. There is a massive talent shortage of qualified security professionals across the globe. Then couple that with analyst burnout and siloed security point-products. All of these factors are preventing security operation centers (SOCs) from operating at their full potential, with increased efficiency, performance and speed.

Splunk SOAR Playbooks: GCP Unusual Service Account Usage

As organizations increase their cloud footprints, it becomes more and more important to implement access control monitoring for as many resources as possible. In previous playbooks, we have shown examples of AWS and Azure account monitoring, but the series would not be complete without also supporting Google Cloud Platform (GCP).