Splunk Enterprise Security 8.0: Customer Feedback

A few weeks ago, we announced the general availability of Splunk Enterprise Security 8.0 — rolling out right now to customers in Splunk Cloud! This release is a significant leap forward for security operations, delivering exciting new unified investigation and case management workflows that help analysts quickly triage and investigate security alerts. Additionally, with the direct integration of Splunk SOAR and Mission Control, security teams can do everything from detection, triage, investigation, and response in one single unified modern interface.

That’s not all. The team continues to push innovation in new areas like detection engineering and alert aggregation to help our customers drive positive security outcomes and keep their organizations secure. Splunk Enterprise Security now includes a native detection versioning feature that helps content engineers manage the hundreds of security detections in the SIEM. On the alert aggregation front, a new Finding1 Groups feature helps administrators build automatically grouped alerts that analysts can quickly consume and act on - reducing manual steps in the triage process and speeding up response times to potential security incidents.

With so much in this release, it is important to continue our tradition of customer feedback to work hand in hand with existing customers and refine these workflows and gather their feedback via our Voice of the Customer programs. We worked with a couple dozen customers in the Splunk Enterprise Security 8.0 private preview program to gather their feedback as we refine these new capabilities. One of our private preview participants, Matt Snyder, shared his perspective on Splunk Enterprise Security 8.0 in a blog post, "Redefining SIEM: Why Splunk® ES 8.0 Stands Out" that I think everyone should take a look at. As a long time Splunk Enterprise Security user, Matt provides a deep dive into many of the improvements and changes in this release, along with his impressions, and I think he nailed it when he said Splunk Enterprise Security 8.0 is the biggest release yet.

We want to send a big thank you to Matt, and all of the other customers who participated in the Splunk Enterprise Security 8.0 private preview program. We continue to lean on our Voice of the Customer programs like Previews and Splunk Ideas to drive Splunk Enterprise Security development, and together we will partner to build the SOC of the Future.

1 *In preview with Splunk Enterprise Security 8.0

/en_us/blog/fragments/enterprise-security-tour
Style
two-column

Related Articles

Boss of the SOC Scoring Server, Questions and Answers, and Dataset! Open-Sourced and Ready for Download
Security
2 Minute Read

Boss of the SOC Scoring Server, Questions and Answers, and Dataset! Open-Sourced and Ready for Download

We have open-sourced the Boss of the SOC dataset (ver1.0) and BOT(S|N) scoring server. They can be used to run your own CTF, perform research, or train your internal users!
Orchestrate Framework Controls to Support Security Operations with Splunk SOAR
Security
2 Minute Read

Orchestrate Framework Controls to Support Security Operations with Splunk SOAR

Learn more about how to identify use cases for automation and dive deeper into the five steps of designing security workflows around framework regulations
Splunk for OT Security V2: SOAR and More
Security
3 Minute Read

Splunk for OT Security V2: SOAR and More

OT attacks are on the rise, as we've seen from the Oldsmar water facility attack. the Splunk IoT, Manufacturing and Energy team has been hard at work improving Splunk for OT Security to help secure your environment.
/en_us/blog/fragments/about-splunk
/en_us/blog/fragments/subscribe-footer