Ask a group of security analysts about the challenges of working in cybersecurity, and you’ll likely hear some common themes: It’s no surprise that security teams feel perpetually overwhelmed. Many teams have turned to security orchestration, automation and response (SOAR) tools for help. A SOAR tool can orchestrate security actions (like investigations, triage, response) across various security products in a team’s arsenal, and automate otherwise manual repetitive security tasks.

The Splunk Security Team is excited to share some of the new and enhanced capabilities of Splunk Phantom, Splunk’s security orchestration, automation and response (SOAR) technology. Phantom’s latest update (v4.10) makes automation implementation, operation and scaling easier than ever for your security team.

2020 is coming to a close and technology has evolved rapidly to make way for changing market conditions. Cloud computing, Artificial Intelligence (AI), automation, and the Internet of Things (IoT) are evolving technologies that create unparalleled opportunities for companies to unlock new value. When technology advances, so does the landscape of cyber threats that companies have to navigate.

An increasing number of organizations have partnered with Managed Security Service Providers due to the large range of threats facing organizations (MSSP). MSSPs support organizations efficiently by not only identifying external risks but also aiding them in the response to incidents. They also, however, battle a major problem: falling victim to the same shortcoming and bigger risks. They must ensure that consumers are met with Service Level Agreements (SLAs).

Cybersecurity vendor FireEye recently disclosed a sophisticated attack which led to the “unauthorized access of their red team tools.” A few days later, this attack was linked to a widespread and complex supply chain attack, referred to as “Sunburst,” targeting SolarWinds’ enterprise IT monitoring solution. As always, make sure to review and follow the recommendations and countermeasures from both SolarWinds and FireEye.

With the face of cyberthreats in a constant state of flux, it’s nearly impossible for IT and Security teams to manually secure their countless systems, applications, services, and devices, as well as respond to potential and active cyberattacks that manage to flourish despite best efforts.

It’s easy to overlook the human elements behind cyber threats and cyberattacks. We tend to focus our time analyzing the technical mechanics behind executed attacks, their vulnerabilities and exploits, and their potential mitigation techniques. While all important factors, they don’t account for the people behind the threat. This ultimately leaves you exposed and without crucial context to aid us as you allocate security resources and evaluate assets likely to be targeted.

The state of enterprise cybersecurity is becoming increasingly complex, thanks to the growing number of malicious threats. According to Gartner, a burst of varied security alarms are terrorizing the cyber landscape. However, there are very few efficient people or processes to help organizations deal with them. In 2017, the research company came up with an innovative and powerful approach to address and deter catastrophic cyber threats to enterprises - SOAR!