Practical SOAR for DNS and Domain Threat Intelligence
Automate Your Security Team With SOAR
Cyber Threat Intelligence programs have helped SOC teams around the world to discover and mitigate active campaigns and shorten the time to in-network discovery of adversary activity, but many still rely on manual processes and incompatible tooling. With automation, teams are able to prioritize threats and vulnerabilities, and increase the speed of analysis. With this in mind, it comes as no surprise that organizations are implementing security orchestration automation response (SOAR) platforms to help manage the number of alerts they encounter on a daily basis.
SOAR platforms can help enable security analysts and incident responders to make better decisions, faster. Join Director of Sales Engineering, Taylor Wilkes-Pierce to discuss how to separate signal from noise and to automate complex actions and investigations with world class domain and DNS data.
This webinar will cover:
- Iris datasets that are available not only for ad-hoc research on specific incidents in your SOAR platform, but also for automated actions in SOAR playbooks
- How to use DomainTools risk scoring along with contextual domain intelligence from Iris to automate workflows and manage alert fatigue
- Real world use cases that encompass both notable events from the TA (Technology Add-on) in Splunk and automated investigations with Splunk SOAR Playbooks, as well as Palo Alto Cortex XSOAR playbooks