Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Splunk

Introducing Our New SOAR Integrations: Why Panorama and FortiManager Users Should Be Excited

Hello there, cybersecurity aficionados! We're thrilled to unveil our latest and greatest Splunk SOAR apps, tailored for the giants of the firewall space: Panorama and FortiManager. These sophisticated apps help us deliver the most compelling automation for our community, no matter the tools they have deployed. Much like our playbooks packs from earlier this year, these integrations are another great way for users to align their incident response approach to MITRE D3FEND.

Software Liability Explained

Software liability is an increasingly important area for every software development company and team. At its core, software liability is about protecting users from damages caused by software issues. As more software is in use than ever before, there’s a lot of ways that software — and its manufacturers — could be held responsible for certain actions or inactions. Indeed, even the rise of cyber insecurity globally could fall into this murky area.

SOC Models: In-House, Out-Sourced, or Hybrid SOC?

There’s no single perfect, one-size-fits-all SOC model. Leaders are still unsure whether to bring the SOC in-house, get it outsourced, or do a mix of these two approaches (the so-called hybrid SOC). How do you choose? Investing now in the right model (with adaptability and portability as key considerations) might not be glamorous, but it will set you up for success in the future.

Data Privacy: The Ultimate Guide

Today, data privacy is the new strategic priority for many companies. Prioritizing data privacy boils down to two key drivers: Indeed, the awareness piece has grown significantly, both leading to and because of stringent data privacy regulations, including GDPR and CCPA, the California Consumer Privacy Act. (First time on Splunk.com? You might see a pop-up banner specifically for you to opt in or out.) So, let’s take a look at the concept of data privacy and what’s behind it.

Reduce Operational Complexity with Splunk SOAR Logic Loops

Last week, we released Splunk SOAR 6.2 (Security Orchestration Automation and Response) and in the accompanying announcement blog, we highlighted some of the new key features found in this release. Today, we want to take a more in-depth look at one of those features, logic loops, and show how they make it easier than ever for security engineers and analysts to save time and cut down on repetitive manual tasks.

Laying the Foundation for a Resilient Modern SOC

SecOps teams face more challenges than ever, including an expanded attack surface, an increased number of vulnerabilities, and a non-stop barrage of cyberattacks – all of which have materially increased organizational risk. According to Splunk’s State of Security Report 2023, security operations centers (SOCs) have become so overwhelmed that 23% of SOC analysts say they struggle with a high volume of security alerts. There are so many to process that 41% of those alerts are being ignored.

Splunk SOAR Logic Loops Demo

Logic Loops are a feature in Splunk SOAR that allow users to reduce the operational complexity of building and maintaining playbooks that require repeatable looping functionalities without having to write their own custom code. This iterative function allows users to automatically retry playbook actions if they fail, or continue with the rest of the playbook when the action succeeds. This function can be applied to use cases like sandbox engines for malicious URL quarantine and remediation as well as forensic investigation workflows.