Reading 11: Setting up Splunk SIEM
Readings: Setting up Splunk SIEM
Below you will find reading materials and additional resources that support today’s topic and the upcoming lecture.
Review the Submission Instructions for guidance on completing and submitting this assignment.
Reading
Is Cybersecurity Automation the Future?
Automated Incident Response Explained
How would a security team benefit from implementing a SOAR solution?
Using a purpose-built tool customized by an organization significantly cuts down the time it takes to respond to, or even anticipate, a threat. SOAR solutions act in response to identified threats, thus reducing the time it takes to mitigate and/or eliminate a threat.
Explain how a SOAR solution fits into the Incident Response process.
SOAR falls under two phases of the Incident Response process: Detection and Analysis, and Containment, Eradication, and Recovery.
Additional Resources
Splunk offers its own proprietary set of certifications you can pursue to demonstrate proficiency in its products. A free LMS is available for self-paced learning, which includes videos, documentation, labs, and quizzes. Students wishing to add SIEM expertise to their resumes are encouraged to study these materials.