How do you or your organization use this solution?
My primary use case was for the MITRE ATT&CK parameters. I have some experience with MITRE ATT&CK for SIEM and SOAR solutions.
We are doing some automation on the SIM and we are getting some SIMS and we are looking for some automation to improve the security environment. That's how we are currently using Splunk.
We're not really creating the use cases. Our internal team is developing the use cases. Right now, we have automated the whole phishing process. After that, we are still planning to automate a few more things, like malware investigation, and then from there, other processes.
Our primary use case of the solution is for fine-tuning. We provide professional services for our customers to enhance their ability to use the functionalities of Splunk. We're integrators of the solution.
We are a consulting firm and this is a solution that we use for ourselves, as well as implement for our customers. Our use case is to establish a platform for threat analysis across different data sources that we have in the company. Essentially, it is an orchestration platform and we want to make sure that we can tie into different endpoints or data sources from which traffic originates. We need to then detect and analyze threats.
Hi, I'm looking for a technical comparison between Splunk Phantom SOAR and FireEye SOAR solutions.
Can anyone help with insights?