

The latest News and Information on Security Orchestration, Automation and Response.

How Playbook Packs Drive Scalable Automation

No matter how advanced your Security Operations Center (SOC) is, pre-built Playbook Packs from Splunk can augment your analysts with automation that scales with your organization’s maturity. Splunk® Enterprise Security (ES) users can achieve this scalable automation by using a pre-built Risk Notable Playbook Pack in Splunk SOAR.

Siemplify SOAR for Anywhere Security Operations (NEW PLATFORM TOUR)

Ideas and behaviors are changing. A new model is emerging and the traditional way of operating your SOC is quickly becoming a thing of the past. The latest release of the Siemplify (now part of Google Cloud) Security Operations Platform has answered the call, propelling security operations to the “anywhere operations” era, where you can operate at scale – no matter where your security team is, at any time and in any capacity; automate workflows and free up your team to do more strategic work; and accelerate processes to drive more effective and timely response.

Siemplify Security Operations SOAR Platform Tour For MSSPs

Siemplify, now part of Google Cloud, is on a mission to re-envision managed security operations. Typical SOC challenges haven’t changed much over the years; it’s still the same familiar list: growing attack volumes, higher levels of threat sophistication, analyst skills and hiring gaps, and the need to quickly adapt. And despite best efforts, traditional, on-premises, siloed, in-house SOC models haven’t yet been able to break the code on how to solve these challenges.

Introduction to SOAR for the Age of Anywhere Operations

Siemplify, now part of Google Cloud, has completely revamped its SOAR platform to set you up with the building blocks you need – cloud infrastructure, automation, collaboration, and analytics – to take your response to the next level. As this promo reel shows, the Siemplify Security Operations Platform delivers relevant and impactful information front and center, improves collaboration among teams, makes building playbooks easier than ever before, and enables continuous investigation between Google Chronicle and Siemplify.

Splunk SOAR Recognized in Forrester Now Tech: SOAR, Q2 2022 Report

The Splunk SOAR team is excited to be recognized within Forrester’s report Now Tech: Security Orchestration, Automation, And Response (SOAR), Q2 2022. Splunk SOAR is categorized within the Security Analytics Portfolio functionality segment and in the “Large” vendor market presence segment. The following post will share more on our views of the report, our position in this dynamic market landscape, and a look at what’s ahead.

Security Orchestration Automation and Response (SOAR)

Security teams frequently struggle with the volume of alerts and issues they are tasked with daily. On average, most enterprises receive between 10,000 and 150,000 alerts a day. Regardless of how large a security team may be, manually going through alerts like this is an almost impossible task. In this article we’ll be covering one of the methodologies that help with improving software security: Security Orchestration Automation and Response (SOAR).

Are we sure that SOAR is at a crossroads?

I recently had the opportunity to discuss state-of-the-art technologies to support security operations with industry analysts. I asked questions and confirmed that the current view of SOAR (security orchestration, automation and response) and SIEM (security information and event management) goes well beyond the security operation center (SOC).

Why you need both SIEM and SOAR to improve SOC efficiencies and increase effectiveness

Security professionals involved in the IT and cybersecurity industry for the last 10+ years have most likely come across the terms SIEM and, more recently, SOAR, but there is still much confusion about what the specific use cases and purposes are. So, are these tools the same thing? Do security teams need one, the other, or both within their security operation center (SOC) infrastructure?

SOARs vs. No-Code Security Automation: The Case for Both

Just a few years ago, security orchestration, automation and response (SOAR) was the new buzzword associated with security modernization. Today, however, SOAR platforms are increasingly assuming a legacy look and feel. Although SOARs still have their place in a modern SecOps strategy, the key to driving SecOps forward today is no-code security automation.

Getting to grips with APIs

There’s nothing more frustrating than coming up against an API that won’t cooperate, no matter how hard or long you try! A key component of building integrations, APIs have been a big deal for over a decade. At this point, if a software company doesn’t have one, its technology is as good as obsolete. More than a third of analysts, in a new Tines survey, indicated that API-first is the single most important feature and capability they would look for when evaluating a new SOAR tool.