Splunk SOAR (Security Orchestration, Automation and Response) Features

Response (7)

Resolution Automation: Diagnose and resolve incidents without the need for human interaction. This feature was mentioned in 17 Splunk SOAR (Security Orchestration, Automation and Response) reviews.
Resolution Guidance: Guide users through the resolution process and give specific instructions to remedy individual occurrences. 17 reviewers of Splunk SOAR (Security Orchestration, Automation and Response) have provided feedback on this feature.
System Isolation: Cuts off network connection or temporarily inactivate applications until incidents are remedied. 18 reviewers of Splunk SOAR (Security Orchestration, Automation and Response) have provided feedback on this feature.
Threat Intelligence: Gathers information related to threats in order to gain further information on remedies. 17 reviewers of Splunk SOAR (Security Orchestration, Automation and Response) have provided feedback on this feature.
Alerting: Clearly notifies users with relevant information and anomalies in a timely manner. 21 reviewers of Splunk SOAR (Security Orchestration, Automation and Response) have provided feedback on this feature.
Performance Baselin: Based on 20 Splunk SOAR (Security Orchestration, Automation and Response) reviews. Sets a standard performance baseline by which to compare log activity.
High Availability/Disaster Recovery: Based on 19 Splunk SOAR (Security Orchestration, Automation and Response) reviews. Allows platform to scale to size of desired environment and configured with high availability and disaster recovery capabilities.

Records (3)

Incident Logs: Based on 18 Splunk SOAR (Security Orchestration, Automation and Response) reviews. Information on each incident is stored in databases for user reference and analytics.
Incident Reports: Produces reports detailing trends and vulnerabilities related to their network and infrastructure. This feature was mentioned in 17 Splunk SOAR (Security Orchestration, Automation and Response) reviews.
Resource Usage: As reported in 18 Splunk SOAR (Security Orchestration, Automation and Response) reviews. Analyzes recurring incidents and remedies to ensure optimal resource usage.

Management (3)

Incident Alerts: As reported in 18 Splunk SOAR (Security Orchestration, Automation and Response) reviews. Gives alerts when incidents arise. Some responses may be automated, but users will still be informed.
Database Management: Based on 16 Splunk SOAR (Security Orchestration, Automation and Response) reviews. Adminstrators can access and organize data related to incidents to produce reports or make data more navigable.
Workflow Management: As reported in 17 Splunk SOAR (Security Orchestration, Automation and Response) reviews. Administrators can organize workflows to guide remedies to specific situations incident types.

Automation (4)

Workflow Mapping: Visually displays connected applications and integrated data. Allows customization and management of workflow structures. This feature was mentioned in 20 Splunk SOAR (Security Orchestration, Automation and Response) reviews.
Workflow Automation: Based on 22 Splunk SOAR (Security Orchestration, Automation and Response) reviews. Streamline the flow of work processes by establishing triggers and alerts that notify and route information to the appropriate people when their action is required within the compensation process.
Automated Remediation: Based on 20 Splunk SOAR (Security Orchestration, Automation and Response) reviews. Reduces time spent remedying issues manually. Resolves common network security incidents quickly.
Log Monitoring: Constantly monitors logs to detect anomalies in real time. 20 reviewers of Splunk SOAR (Security Orchestration, Automation and Response) have provided feedback on this feature.

Orchestration (4)

Security Orchestration: Based on 20 Splunk SOAR (Security Orchestration, Automation and Response) reviews. Integrates additional security tools to automate security and incident response processes.
Data Collection: Based on 21 Splunk SOAR (Security Orchestration, Automation and Response) reviews. Collects information from multiple sources to cross reference and build contextual to correlate intelligence.
Threat Intelligence: As reported in 20 Splunk SOAR (Security Orchestration, Automation and Response) reviews. Stores information related to common threats and how to resolve them once incidents occur.
Data Visualization: As reported in 20 Splunk SOAR (Security Orchestration, Automation and Response) reviews. Offer pre-built and custom reporting and dashboards for quick insights into system states.