Security analysts struggle with connecting the dots every single day. They get siloed information from multiple places, making it nearly impossible for them to see the overall context of a security event. Think about your security approach today. What does it look like? How many alerts (from how many sources) does your team see a day? How many security data points are you gathering and collating across multiple security tools (like endpoint, network and cloud security)? And then how do you act on that data, quickly and efficiently, to respond to a security incident?
We put these same questions to Robb Mayeski, a senior manager for cybersecurity who leads Ernst & Young’s security orchestration, automation and response (SOAR) practice across the Americas. He helps clients tackle their most difficult security problems. He explained that Ernst & Young’s clients struggle most with a lack of resources, siloed workflows, lack of collaboration and manual processes. In essence, they struggle with connecting the dots.
Ernst & Young LLP turned to Splunk Phantom to connect these dots and remove siloed workflows for their customers. Phantom connects all of these workflows so that you can see the entire contextual picture, and then take action. Mayeski shared with us recently:
“We’re now able to see where the cyber defense team is able to talk with the threat intelligence team or the data protection team. And they're able to share useful metrics. These insights can then roll up to the C-suite, who are then able to make educated decisions based on the risk to the organization.”
The success Ernst & Young saw with Phantom was proven when one of their largest clients was hit with a ransomware attack. Luckily, the client had previously implemented Phantom, allowing them to automate their response to the attack, contain the threat to a single system, and prevent any possible spread or outages.
Read on to see the full story on how Ernst & Young LLP connected the dots for security analysts with Splunk Phantom.
If you’re eager to try Phantom for yourself, download the free community edition.
----------------------------------------------------
Thanks!
Olivia Courtney