Lift Your Spirits With Splunk SOAR
Security Splunk
“SOAR With The Cloud In The Dead Of Night”
Don’t have a Jack Skellington moment, where you feel stuck doing things one way because there are no other options. Similarly, Splunk SOAR was previously an on-premises only offering for customers, but is now available in the cloud. Now you have the flexibility and freedom to choose how you deploy SOAR and streamline your operations: from the cloud, on-premises or hybrid.
“We Did Some Coding For You, And Now You’re Fine”
In Hocus Pocus (1993), 17th century Salem witches — the Sanderson sisters — are inadvertently resurrected by a teenager named Max on Halloween night. Shenanigans ensue as the sisters try to retrieve their spellbook from Max and his crew whilst trying to navigate the 20th century.
If only the Sanderson sisters had a way to codify their spellbook so they wouldn’t have to worry about a bunch of teenagers ruining their plans to live forever. Thankfully, there’s a way to at least codify your security operations workflows using playbooks from Splunk SOAR.
With the new Visual Playbook Editor, you can create playbooks and scale automation using a simplified interface that makes automating security tasks easier and faster than ever, featuring:
- Improved readability and navigation
- Vertical playbook orientation
- Decreased dependency on custom code
- Input playbooks - Smaller playbooks to automate simple tasks then leverage as part of larger playbooks for a more modular approach to automation
“Edit Edit, Little App, SOAR UI Is Where It’s At”
In Death Becomes Her (1992), rivals Madeline and Helen fight for the affections of Ernest (a plastic surgeon turned mortician) and desperately drink a magic potion that promises eternal life and everlasting youth, just as long as they take care of themselves (i.e. not die a gruesome death). Not following that one simple rule, the women realize that they need Ernest’s skills in order to keep up with appearances — literally.
Madeline and Helen could’ve had an easier time with the upkeep and maintenance of their appearances if everything they needed to look youthful was located in one place. While it may not keep you youthful, the improvements to our SOAR app community and development will keep you in one place when searching for and building apps in Splunk SOAR.
First, Splunk SOAR apps are now available on Splunkbase. Search for SOAR apps amongst our extensive ecosystem of partner and community-built technical integrations across the Splunk portfolio, providing you with a one-stop shop to extend the power of SOAR.
Second, the new App Editor makes it easy to view, test, extend, and edit existing apps — and create entirely new apps — all from the SOAR user interface, featuring:
- End-to-end development within the SOAR UI
- Easily view and add code, test actions, see log results, and troubleshoot
- Gain additional visibility into how an app functions and modify it to suit your use case
Register for our webinar, Automation for the Modern SOC: Splunk SOAR’s New App Editor, to see this in action.
Get Started And Reach Your SOAR Ghouls (Goals) 👻
Need a little more information before you get SOAR-ing?
- Take a look at the top 5 automation use cases for Splunk SOAR
- Get hands-on with the free community edition
- Register for our webinar to see the new App Editor in action: Automation for the Modern SOC: Splunk SOAR’s New App Editor
- For a deep dive on the new visual playbook editor, check out this webinar: Splunk SOAR’s New Visual Playbook Editor
Fangs for sticking with me 🧛
Happy Halloween and Happy Splunking! Alexa
----------------------------------------------------
Thanks!
Alexa Araneta
Related Articles
Hunting with SA-Investigator & Splunk Enterprise Security (SIEM)
What You Need to Know About Boss of the SOC
