Security teams face unique challenges in today’s rapidly-changing landscape of phishing, malware, and other social engineering and cybersecurity threats. Collaboration across disparate teams and siloed tools adds additional layers of complexity to security teams’ day-to-day operations. When security teams use different systems for simulated phishing, security awareness training, incident response and remediation, it is difficult to track and optimize the full lifecycle of an incident.

Today, Torq transformed security automation forever with the debut of the world’s first enterprise-grade security hyperautomation platform. Why does that matter? I’ll let Gartner explain. It says “Hyperautomation is a business-driven, disciplined approach that organizations use to rapidly identify, vet, and automate as many business and IT processes as possible.” Simply put, it’s the future of security automation, and we’re delivering on its promise, today.

SOAR (Security Orchestration, Automation and Response) refers to the combination of three different technologies: security orchestration and automation, security incident response platforms (SIRP) and threat intelligence platforms (TIP). SOAR technologies allow organisations to collect and aggregate vast amounts of security data and alerts from a multitude of sources.

CrowdStrike Falcon® Fusion is a cloud-scale, extensible security orchestration, automation and response (SOAR) framework that’s natively integrated with the CrowdStrike Falcon® platform and available to CrowdStrike customers at no added cost.

During a recent Proof of Concept (PoC) for Splunk SOAR with an existing customer of Splunk Enterprise Security (ES), I was asked if it was possible to send events/containers available in Splunk SOAR to Splunk ES as a Notable Event. While the reverse process of sending ES Notable Events to Splunk SOAR is highly documented, I was surprised to find hardly any documentation about the use case my customer brought up during the PoC. Hence, my cue to write my first ever Splunk blog!

As security practitioners, we like to read blogs, whitepapers, and even Mastodon “toots” that talk about new or novel threats and vulnerabilities. Recently, our fearless and never sleeping Security Strategist Leader James Brodsky called attention to a blog post from a researcher that highlighted the risks of password disclosure in authentication logs.

Software vendors have loads of high-value data they need to protect — from customers’ personally identifiable information to the company’s intellectual property — so a data breach can be catastrophic. There’s a lot on the line if these types of organizations fall victim to a cyberattack, including fines from regulators or damage to their brand and reputation.