Operations | Monitoring | ITSM | DevOps | Cloud

SOAR

Splunk SOAR 6.2 Introduces New Automation Features, Workload Migration, and Firewall Integrations

The Splunk team is proud to announce the release of Splunk SOAR 6.2 (Security Orchestration Automation and Response). We’ve been hard at work developing the latest and greatest features for this update, several of which have come from requests and suggestions from our users over on Splunk Ideas.

SOAR vs. SIEM: Understanding the Differences

This post was written by Joe Cozzupoli. Scroll down to read the author’s bio. As the cybersecurity landscape evolves and threats become more sophisticated, organizations need to stay ahead with the right tools and strategies to protect their valuable data. Two key technologies in this domain are Security Orchestration, Automation, and Response (SOAR) and Security Information and Event Management (SIEM).

What is SOAR (Security, Orchestration, Automation, and Response)?

As a managed service provider, you know that cyberthreats are increasing in frequency, sophistication, and impact. In recent years, we have seen a dramatic increase in the number of cyber-attacks targeting businesses, governments, and individuals. This explosion of cyberthreats highlights the need for businesses and individuals to take cybersecurity seriously and implement modernized security measures to protect themselves against these threats.

How Automation Playbooks Double Down on the Value of SOARs

So you’ve set up a Security Orchestration, Automation and Response (SOAR) platform. You’re now ready to detect, respond to and remediate whichever threats cyberspace throws at you, right? Well, not necessarily. In order to deliver their maximum value, SOAR tools should be combined with playbooks, which can be used to drive SOAR systems and ensure that SOARs remediate threats as quickly as possible — in some cases, without even waiting on humans to respond.

Cribl.Cloud: Are You Ready to Fly Solo?

Many years ago, I attained my private pilot’s license. This entailed completing a very structured program, similar to how most companies introduce a product to a new user. Let’s be honest, there is a really good reason for this – to avoid the crash and burn. With flight training, it’s literal, while with products it’s a bit more figurative (except when you YOLO something into production–that can cause a crash and burn–and leave for a bad first impression).

SOARs vs. No-Code Security Automation: The Case for Both

Just a few years ago, security orchestration, automation and response (SOAR) was the new buzzword associated with security modernization. Today, however, SOAR platforms are increasingly assuming a legacy look and feel. Although SOARs still have their place in a modern SecOps strategy, the key to driving SecOps forward today is no-code security automation.

SOAR Security: 7 Disadvantages of SOAR Solutions

We’ve said it before, and we’ll say it again: Security Orchestration, Automation and Response (SOAR) platforms are great tools for helping teams work smarter, faster, and more efficiently against security risks. But, used on their own, SOARs are far from perfect for meeting the full security needs of the modern organization.

Sponsored Post

To Reinvent SOAR, Automation Is only a Feature

Security, by its very nature, is one of the most innovative fields on the planet. Every technological advancement carries with it a handful or more of new attack vectors, which in turn lead to a dizzying amount of security innovation as our industry works to mitigate risk and defend against threats. But for all this innovation, there are a few ways in which security lags far behind.