Operations | Monitoring | ITSM | DevOps | Cloud

SOAR

Splunk SOAR Feature Video: Configure Third Party Tools

To get started in Splunk SOAR, you will need to configure an asset. Assets are the security and infrastructure assets that you integrate with the Splunk SOAR platform, like firewalls and endpoint products. Splunk SOAR connects to these assets through apps. Apps extend the platform by integrating third-party security products and tools.

Splunk SOAR Feature Video: Contextual Action Launch

Splunk SOAR apps have a parameter for action inputs and outputs called "contains". These are used to enable contextual actions in the Splunk SOAR user interface. A common example is the contains type "ip". This is a powerful feature that the platform provides, as it allows the user to chain the output of one action as input to another.

Splunk SOAR Feature Video: Custom Functions

Splunk SOAR’s custom functions allow shareable custom code across playbooks and the introduction of complex data objects into the playbook execution path. These aren’t just out-of the-box playbooks, but out-of-the-box custom blocks that save you time and effort. This allows for centralized code management and version control of custom functions providing the building blocks for scaling your automation, even to those without coding capabilities.

Integrating SOAR and MITRE ATT&CK framework to help SecOps take flight

Old news: The pandemic changed the world. New news: Security operations still need to act as if the crisis continues. Here's why. Prior to the pandemic, organizations around the world were already moving forward with digital transformation. COVID-19 forced enterprises to scale like never before—adding public cloud services, new network devices, remote workers, and software as a service (SaaS) applications.

A day in the life of cybersecurity. Splunk customer stories of SOC-cess

We have a saying at Splunk. It goes something like “if you’re ever having a bad day, go and talk to a customer”. What organizations around the world are doing with their data and Splunk brings a huge smile and an eyebrow raising, positive “can’t quite believe you’ve done that” very-impressed nod of the head. That’s never more true than with our security customers.

SOARing to the Clouds with Splunk SOAR

For years, security practitioners have kicked and screamed about their reality. There are too many alerts to fully investigate and manually resolve every day. There is a massive talent shortage of qualified security professionals across the globe. Then couple that with analyst burnout and siloed security point-products. All of these factors are preventing security operation centers (SOCs) from operating at their full potential, with increased efficiency, performance and speed.