Video

Splunk SOAR Explained - Response 101

Episode 4

Video Summary

This video demonstrates how Splunk SOAR (Security Orchestration, Automation, and Response) can be used to streamline event response by automating workflows and improving collaboration within security teams. It explores how data from multiple sources, such as structured data from SIEM systems and unstructured data like emails, is ingested into the platform. Through practical examples, the video shows how analysts can triage phishing emails, investigate potential threats, and take actions such as blocking malicious URLs or performing system quarantines, all without leaving the SOAR console.

The video further illustrates how automation can be extended to handle more critical incidents, such as ransomware attacks. By using playbooks, Splunk SOAR can trigger automated responses like terminating malicious processes or quarantining devices in real time. This level of automation ensures faster decision-making and response, allowing security teams to act on potential threats at machine speed while working together seamlessly within the SOAR interface.

Additional Resources

Who are Somerford?

We are a passionate group of people delivering innovation to our customers on their digital transformation journey.

Splunk Edge Hub

Effortlessly streamline the process of integrating your data with the Splunk Edge Hub.

Splunk Security Solutions

Utilise Splunk's suite of security solutions designed to provide unified and robust defence against cyber threats.

Get in Touch to Learn More

With specialist knowledge, skills and experience derived from supporting a broad range of FTSE 100, FTSE 250 and smaller companies, Somerford Associates have a strong reputation for enabling digital transformation at scale, at pace and in budget.