NetApp and Cisco have announced an expansion of their collaboration to help customers strengthen defense-in-depth strategies for customers. Combining Intelligent Data Infrastructure with advanced analytics and observability capabilities, NetApp and Splunk have delivered deep, real-time visibility into storage and infrastructure health. Together, they are helping customers turn operational data into actionable insights that improve reliability, security, and business outcomes. By expanding their collaboration with the new NetApp Splunk Security Orchestration, Automation, and Response (SOAR) playbook, NetApp and Splunk are helping joint customers contain ransomware attacks and limit data loss at the storage layer, enhancing the containment of the blast radius of cyberattacks while increasing the speed and reducing the cost of recovery.
“With AI accelerating both the speed and sophistication of cyberattacks, the window to respond has never been smaller,” said Sandeep Singh, Senior Vice President and General Manager, Platform, NetApp. “To limit the cost and impact of ransomware, organizations must act the moment a threat is detected, which means extending security automation into the storage layer where data lives. As the company delivering the most secure storage on the planet, NetApp is uniquely positioned to make storage an active part of a defense-in-depth strategy. By working with Cisco to enable Splunk SOAR workflows to take direct action on data stored in NetApp ONTAP®, we’re helping make a defense-in-depth security strategy simpler and more effective.”
To give customers the resiliency and flexibility they need to protect their data, Cisco and NetApp are releasing the NetApp Splunk SOAR playbook. Splunk Enterprise Security is already integrated with NetApp Ransomware Resilience to collect analytics from the data layer, enhancing incident triage and prioritization. With the new playbook, Splunk SOAR users can now use those signals as well as signals from other solutions to automatically take incident response actions directly on NetApp ONTAP storage as an integral part of their incident response. These actions include blocking a suspicious user, taking snapshots of the data and taking data volumes offline to protect against further infection. As a result, customers will be better able to contain ransomware attacks and limit data loss at the storage layer. Utilized as part of the organization’s defense in depth security strategy, the NetApp Splunk SOAR playbooks help to strengthen collaboration between security and storage teams.
Automating the response and recovery actions against cyber threats with the NetApp Splunk SOAR playbook improves security team metrics like mean time to contain (MTTC) and reduces the manual effort and skills required to protect data. As a result, NetApp and Cisco are making it faster and more efficient for enterprises to achieve cyber resilience.
“Effective security strategies require visibility and action across the entire technology stack, including the data layer,” said David Dalling, GVP, Splunk Security, Cisco. “With the new NetApp Splunk SOAR playbook, ONTAP storage becomes an active participant in the security ecosystem, enabling organizations to contain threats directly targeting enterprise data. By connecting NetApp storage into Splunk SOAR workflows, we’re helping security and storage teams collaborate more seamlessly and respond to incidents with greater speed and confidence.”
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
