Splunk Tech Talks
Deep-dives for technical practitioners.

What’s New & Next in Splunk SOAR

DayaSCanales
Splunk Employee


Security teams today are dealing with more alerts, more tools, and more pressure than ever. Join us for an inside look at the latest Splunk SOAR enhancements designed to make your security operations more efficient and effective. Discover how you can:

  • Create and customize playbooks faster
  • Integrate seamlessly with your existing SIEM
  • Accelerate every stage of your detection and response

Whether you’re already using SOAR or just curious about what’s possible, this session is packed with practical tips, live demos, and expert insights from Nick Hunter, Principal Product Marketing Manager, Cybersecurity at Splunk.

Be part of the conversation and see how the future of security automation is unfolding—On Demand now!

DayaSCanales
Splunk Employee

Here are a few top-of-mind questions from the live Tech Talk:

Q. If I have ES and SOAR, what version of ES and SOAR do I need to take advantage of the unified TDIR workflows across the two products?

A. 

  • ES 8.x
  • SOAR 6.3 and above


Q. Can you clarify, if I have ES and SOAR, do I need the ES Premier license for unified TDIR workflows?

A. No, but you will need to pair ES and SOAR and you can do that only for the combinations below:

  • ES Cloud & SOAR Cloud
  • ES CMP & SOAR CMP Standalone
  • ES Cloud & SOAR CMP Standalone (hybrid)

Those unified workflows however would not have things like Asset Risk Scoring or UEBA.


Q. What additional value would I actually get with ES Premier if I already have ES and SOAR today?

A. ES Premier product is Splunk’s most powerful and seamless AI-powered SecOps platform. By bringing together the next-generation of our SIEM, SOAR, and UEBA together in one seamless experience…we arm every analyst with full visibility, industry-leading tooling, and built-in automation for everyone in the SOC…to quickly identify and stop evolving threats.
