SOAR

The latest News and Information on Security Orchestration, Automation and Response.

Splunk SOAR Feature Overview: Apps

Splunk SOAR apps are the integration points between Splunk SOAR and other security technologies. Through apps, Splunk SOAR directs your other security tools to perform actions, such as direct VirusTotal to check file reputation or Cisco Firewall to block an IP. Splunk SOAR’s app model supports integration with over 350 tools and over 2100 different actions. All Splunk SOAR apps are available on Splunkbase.

Splunk SOAR Feature Overview: App Editor

A common task on the Splunk SOAR platform is installing a new app, or updating existing apps. Apps extend the Splunk SOAR platform by integrating third-party security products and tools. With the Splunk SOAR App Editor, you can create, edit, and test apps all from one place, making the app development experience easier and faster than ever. We currently offer more than 350 premade apps that are accessible right now.
sumologic

Sumo Logic recognized as a Leader in the GigaOm Radar Report for Security Orchestration, Automation, and Response (SOAR)

Everyone here at Sumo Logic is thrilled to announce our inclusion as a Leader and Outperformer in the 2021 GigaOm Radar Report for Security Orchestration, Automation, and Response (SOAR). We’re excited that our Cloud SOAR solution is getting this recognition and we’re confident that this is just the beginning. We are even more motivated to keep on innovating and molding Cloud SOAR into a solution that will pave the way for the future of the modern SOC.

sumologic

How Cloud SOAR mitigates the cybersecurity skill gap problem in modern SOCs

Even though the cybersecurity skill gap dropped for the first time in recorded history in 2020, it is still one of the most pressing problems in the industry. Demand continues to eclipse the supply of skilled cybersecurity professionals. The scarcity of qualified security workers with the right skill set, experience, and talent means that critical vulnerabilities turn many organizations into sitting ducks in the eyes of hackers.

Siemplify ThreatFuse: Some Things Just Go Better Together

Some things are just better together. Peanut butter and jelly. Beavis and Butthead. Security orchestration, automation & response (SOAR) and threat intelligence (TIP) platforms. But don’t settle for a good SOAR with a basic TIP, or a good TIP with a basic SOAR. Siemplify ThreatFuse, combines best-in-class SOAR and best-in-class TIP.

Splunk SOAR Feature Video: Case Management

Case management functionality is built into Splunk SOAR. Using workbooks, you can codify your standard operating procedures into reusable templates. Splunk SOAR supports custom and industry standard workbooks such as the NIST-800 template for incident response. You can divide tasks into phases, assign tasks to team members, and document your work.

Splunk SOAR Feature Overview: Custom Functions

Splunk SOAR’s custom functions allow you to share custom code across playbooks while introducing complex data objects into the execution path. These aren’t just out-of-the-box playbooks, but out-of-the-box custom blocks that save you time and effort. These capabilities provide the building blocks for scaling your automation, even to those without coding capabilities.