Background:
As one of the world’s leading investment firms with more than 21 offices spanning the globe, it’s not uncommon for the security team at Blackstone to see as many as 30 to 40 malware alerts in a single day. Blackstone’s Incident Response team investigates each malware alert as if a compromise has already occurred, a process that requires 30 to 45 minutes to address each alert fully if done manually.
Challenges:
Benefits:
Business Impact:
Splunk Product:
Splunk SOAR (Previously Splunk Phantom) Enterprise Edition
Post: Automating malware investigation for one of the top investment firms. Published 2023-03-06 (updated 2023-03-15). Tags: Splunk-SOAR, Use-case.