Splunk SOAR

It plays a central role in bridging detection with response automation. As a SOC analyst, I oversee threat response operations from multiple enterprise clients. Splunk SOAR obviously does a ton for us but at its core, the problem it solves is alert fatigue and triage inconsistency.

• 70 % of low to mid tier alerts are now auto resolved through playbooks
• MTTD and MTTR are significantly low

IBM Security QRadar SOAR

Splunk Enterprise Security

We're using it for Automation to address different clients to help them reduce their working time on certain things, which helps them increase their efficiency and thereby help them meet the SLA. Splunk SOAR helps us with a lot of customization to include custom codes in the playbook, which is a deal breaker.

• Achieveing SLA.
• Saving Analysts time.
• Automation.

Splunk Enterprise Security (ES), Securonix Next-Generation SIEM, Palo Alto Networks Cortex XDR

We were largely depending on Splunk SOAR for active threat detection and alert monitoring .It has a good algorithm based signature handling which efficiently manages threats. Also our cyber security researchers constantly use this software for advanced research based on their specialisations. Advanced penetration testing also helped us to enhance the security of our hosted applications

• Execution time for handling threats has been reduced considerably
• Alerts are more real time, and ease of categorising events.
• Saved a lot of budget without going with traditional analysers.

PRTG Network Monitor, Observium, SolarWinds IP Address Manager (IPAM)

Splunk SOAR has helped us to improve our overall security posture, efficiency and effectiveness by automating and managing our security operations through streamlining most of our manual processes such as threat detection, incident response and vulnerability management. Therefore, our team has been able to respond more quickly to potential threats and reduce the impact of security incidents on the organization.

• We have been able to reduce security incidents and the costs associated with it therefore increasing our revenue by 30% and we have been able to maintain our reputation.
• We have improved our productivity by 20% by automating manual processes therefore concentrating on more important tasks.
• We have improved the overall control of our security operations.

Splunk Enterprise Security (ES), Zoom, HCL BigFix

This software is very fast to protect our system, we require the services of Splunk SOAR to implement improvements in our internal system, since our network has always been a constant victim of the threats that abound on the web, in the installation process we had problems, but we loved having technical support, the implementation was completed in a short time, it is a complete system to automate alerts in advance, it has very good scans to neutralize threats and protect our information. We reduce manual analysis, and we are more effective because Spunk SOAR has an automated system to eliminate any threat that even tries to appear in our company.

• Decrease in manual errors, since the entire analysis process is automated.
• It has priority on threats, which ensures that there are no false positives.
• Good quality of automated responses.

AccessPay, Book Systems, Acodis – Intelligent Document Processing (IDP)