Mission Accepted: Respond Software Joins Splunk in Quest to Deliver the Modern SOC

by Dan Lamorena
category Security Operations

Security analysts utilize a number of tools to do their job properly, but often waste too much time and energy switching between screens and chasing false positives. Those days are quickly becoming a thing of the past as Splunk sets a new standard for the future security operations center (SOC) with Splunk Mission Control.

This week, Splunk previewed its open architecture, the Mission Control Plug-in Framework, as a way for security teams to streamline their SOC workflows by integrating best-of-breed security tools into Mission Control’s common UI. With one cloud-based tool to rule them all, poised to conquer the challenge of enabling incident analysis and response among disparate toolsets, Respond Software is proud to be among the first partners to drive toward this new future with the addition of the Respond Analyst to the Mission Control ecosystem.

Mike Armistead, Co-Founder and CEO of Respond Software, discussed the future of the modern SOC: “The problems in the SOC cannot be fixed with the siloed solutions available today. There are more security analysts than ever working the frontlines frantically searching across consoles for the information they need to understand the importance of an event and prioritize it. The Mission Control Plug-in Framework is the right approach that will support a broad and deep portfolio of solutions and services that truly makes a difference in our customers’ everyday investigations.”

Built with the Splunk dashboards that Splunk users have come to know and love, Splunk Mission Control also utilizes APIs to integrate data from partner solutions. These solutions include security controls from endpoint, network, and cloud security, as well as threat intelligence and advanced detection capabilities. Through the Mission Control ecosystem, the Respond Analyst brings intelligent decision automation to the fingertips of security analysts, enabling them to focus on critical, scoped incidents rather than chasing down false positives.

This is not the first time that we have partnered with Splunk. The Respond Analyst already integrates with Splunk Phantom, a proven tool that enables organizations to automate response capabilities by automatically creating cases and adding new events as they arise. Today, Phantom provides a direct feedback loop into the Respond Analyst data science model to improve detection.

Eric Schou, AVP, Head of Security Marketing, stated: “Security operations teams need to increase the efficacy and efficiency of their detection capabilities. They often struggle to integrate different data sources into a coherent solution. Splunk’s announcement in partnership with Respond Software enables customers to choose the best network security solutions without incurring vendor lock-in and helps them build a modern SOC that simplifies and improves the way security analysts do their job.”

Take action and defend your enterprise with the Respond Analyst and Splunk.