Splunk SOAR is now deployable from the cloud, further delivering on our promise to modernize security operations. Cloud-delivered security makes security operations easier, more agile, and more efficient, helping you stay one step ahead of threats.
Learn how to identify the necessary data sources to ingest to cover essential use cases. You’ll also learn about our risk reduction framework and how it can accelerate your maturity level and accelerate time to value.
We are releasing a new community playbook for Splunk Phantom to help enrich suspicious email events. This playbook focuses specifically on domain names contained in the ingested email, and it uses Cisco Umbrella Investigate to add the risk score, risk status and domain category to the event in Phantom.