SECURITY

How Ernst & Young Helps Security Analysts Connect the Dots with Splunk SOAR

Security analysts struggle with connecting the dots every single day. They get siloed information from multiple places, making it nearly impossible for them to see the overall context of a security event. Think about your security approach today. What does it look like? How many alerts (from how many sources) does your team see a day? How many security data points are you gathering and collating across multiple security tools (like endpoint, network and cloud security)? And then how do you act on that data, quickly and efficiently, to respond to a security incident?

We asked these same questions to Robb Mayeski, a senior manager for cybersecurity who leads Ernst & Young’s security orchestration, automation and response (SOAR) practice across the Americas. He helps clients tackle their most difficult security problems. He explained that Ernst & Young’s clients struggle most with a lack of resources, siloed workflows, lack of collaboration and manual processes. In essence, they struggled with connecting the dots. 

Ernst & Young LLP turned to Splunk Phantom to connect these dots and remove siloed workflows for their customers. Phantom connects all of these workflows so that you can see the entire contextual picture, and then take action. Mayeski shared with us recently:

“We’re now able to see where the cyber defense team is able to talk with the threat intelligence team or the data protection team. And they're able to share useful metrics. These insights can then roll up to the C-suite, who are then able to make educated decisions based on the risk to the organization.”

The success Ernst & Young saw with Phantom was proven when one of their largest clients was hit with a ransomware attack. Luckily, the client had previously implemented Phantom, allowing them to automate their response to the attack, contain the threat to a single system, and prevent any possible spread or outages. 

Read on to see the full story on how Ernst & Young LLP connected the dots for security analysts with Splunk Phantom.

If you’re eager to try Phantom for yourself, download the free community edition.

Olivia Courtney
Posted by

Olivia Courtney

As a proud member of the Gator Nation (Go Gators), Olivia graduated from the University of Florida with a degree in Telecommunication News and Broadcasting. From there, she moved to the Big Apple with a TV production job at The Today Show! Three years later, she thought "why not?" move to California, and discovered Splunk. Olivia started on the Global Event Marketing team learning the ins & outs of the tech world, where she fell in love with Security. Now, she's using her creative production skills to help her awesome team get Splunk's Security Product messaging out to the world.

TAGS

How Ernst & Young Helps Security Analysts Connect the Dots with Splunk SOAR

Show All Tags
Show Less Tags

Join the Discussion