Security analysts struggle with connecting the dots every single day. They get siloed information from multiple places, making it nearly impossible for them to see the overall context of a security event. Think about your security approach today. What does it look like? How many alerts (from how many sources) does your team see a day? How many security data points are you gathering and collating across multiple security tools (like endpoint, network and cloud security)? And then how do you act on that data, quickly and efficiently, to respond to a security incident?
We put these same questions to Robb Mayeski, a senior manager for cybersecurity who leads Ernst & Young’s security orchestration, automation and response (SOAR) practice across the Americas. He helps clients tackle their most difficult security problems. He explained that Ernst & Young’s clients struggle most with a lack of resources, siloed workflows, lack of collaboration and manual processes. In essence, they struggle with connecting the dots.
Ernst & Young LLP turned to Splunk Phantom to connect these dots and remove siloed workflows for their customers. Phantom connects all of these workflows so that you can see the entire contextual picture, and then take action. Mayeski shared with us recently:
“We’re now able to see where the cyber defense team is able to talk with the threat intelligence team or the data protection team. And they're able to share useful metrics. These insights can then roll up to the C-suite, who are then able to make educated decisions based on the risk to the organization.”
The success Ernst & Young saw with Phantom was proven when one of their largest clients was hit with a ransomware attack. Luckily, the client had previously implemented Phantom, allowing them to automate their response to the attack, contain the threat to a single system, and prevent any possible spread or outages.
Read on to see the full story on how Ernst & Young LLP connected the dots for security analysts with Splunk Phantom.
If you’re eager to try Phantom for yourself, download the free community edition.
----------------------------------------------------
Thanks!
Olivia Courtney