In cybersecurity, one thing is certain: the bad guys are relentless. They never stop working and scheming to find new ways to attack weaknesses in data security. Their objective is criminally simple: breach organizations to steal and monetize data. And they use every means possible to do it. On the other side are cybersecurity companies and the professionals who work for them. We never stop working to improve our products and services to protect our customers from those global threat actors.
Deploying security automation is hard if the criteria for success go beyond the scope of ticketing workflow. But the barrier to automation deployment has never been lower, given how many Security Orchestration, Automation, and Response (SOAR) platforms are now available on the market and how attractive purchasing automation in a box (or in the cloud) is.
Since the early days of computing, cybersecurity has been a top concern for businesses and organizations. Over the years, the nature of cybersecurity threats has changed dramatically, and so too must our approach to security. In this blog post, we'll take a look at the evolution of cybersecurity from prevention to XDR and SOAR. We'll also consider the implications of these changes for CIOs and business leaders alike.
Recently, ThreatQuotient hosted an interactive discussion regarding security orchestration and cyber security automation adoption – what it is, what it’s meant to do, and why it can present a challenge for security teams to set up and maintain. What we heard from attendees was that the most common issues preventing them from integrating some form of security automation into their internal processes are the necessary time and resources.
The process for our technology partners to publish their SOAR Apps to Splunkbase just got faster and simpler. App updates are now automatically pulled from our partners’ GitHub repositories into the Splunkbase library in a matter of minutes. With 350+ SOAR Apps on Splunkbase across 200+ partners, this process improvement makes Splunk easier to integrate with and more importantly, provides our customers with even faster access to up-to-date Apps.
No matter how advanced your Security Operations Center (SOC) is, pre-built Playbook Packs from Splunk can augment your analysts with automation that scales with your organization’s maturity. Splunk® Enterprise Security (ES) users can achieve this scalable automation by using a pre-built Risk Notable Playbook Pack in Splunk SOAR.