New SIEM Tools Help SOC Automation

Published: 22/11/2024   Category: security




Splunk rolls out new SIEM and orchestration tools at its .conf event.



ORLANDO, FL — Splunk .conf — In a presentation that was part of the keynote address at Splunk's annual .conf gathering, Splunk vice president of security research Mony Merza announced three updates to the company's roster of security-focused analytics products. Splunk Enterprise Security 5.2, Splunk User Behavior Analytics 4.2, and Splunk Phantom 4.1 were premiered to a crowd of more than 8,000 at Disney's Arena.
"What does it take to defend against phishing or malware?" Merza asked. "You have to be able to observe, orient, decide, and act." Splunk's acquisition of Phantom earlier in 2018 allows for the final piece of that list, he said, while Splunk's traditional SIEM technology continues to provide the first three.
The new version of Splunk Enterprise Security includes event sequencing, which groups correlation searches and risk modifiers for threat detection and investigations, and a new Use Case Library, which provides highly accurate and usable security content tailored to a customer's specific security situation. The Splunk ES Use Case Library provides an automated discovery process for new use cases, including adversary tactics, cloud security, abuse, and ransomware, to help security analysts understand how best to respond.
Phantom 4.1, which integrates the Phantom orchestration and automation functions with Splunk's core functionality, provides new features including clustering support, which aids operational scaling; a new indicator view; and improved onboarding, which dramatically speeds deployment.
Splunk's UBA 4.2 is designed to use machine learning to help analysts find threats and anomalous user behavior. New features include user feedback learning for better UBA anomaly model-scoring in threat detection; data ingestion performance improved by up to 2x; and single sign-on support.