TechValidate Research on Splunk


Splunk Case Study

Genesys S.A. Automates Multiple Security Workflows within 3 Months of Deploying Splunk SOAR

Introduction

This case study of Genesys S.A. is based on an April 2022 survey of Splunk customers by TechValidate, a 3rd-party research service.

Challenges

Before implementing Splunk SOAR, Genesys S.A. was facing the following challenges/pain points:

  • Managing a high volume of security alerts
  • Addressing a lack of personnel on our security staff
  • Creating standardized security workflows
  • Measuring the effectiveness of our security operations

Use Case

Genesys S.A. rated Splunk SOAR on the following feature areas when compared to other SOAR vendors/solutions:

  • Superior for alert, event and case management and visualization with dashboards and reporting
  • Significantly better for team collaboration on events and cases, along with ease of use
  • Better for ability to automate key use cases, integration with key technologies, and building and deploying playbooks

Genesys S.A. saw an increase in speed and efficiency when automating the following use cases through Splunk SOAR:

  • Ransomware Investigations
  • Splunk Enterprise Security (SIEM) Alerts/Notables Investigations
  • Cloud Security Alert Investigations
  • Endpoint Security Alert Investigations
  • Network Security Alert Investigations
  • Vulnerability Patching & Remediation
  • Scheduled Identity and Access Management checkups
  • Scheduled Attack Surface Enumeration
  • User-reported Anomaly Investigations
  • Ad-Hoc Threat Hunting

Genesys S.A. rates the integration between Splunk SOAR and other Splunk products as valuable to its overall security operations. The integration with Splunk Enterprise Platform and Splunk Enterprise Security was highly valuable to Genesys, according to Security Officer Umesh Chandra Reddy Gangadasari.

Results

Genesys was able to automate multiple security workflows within 3 months after deploying Splunk SOAR, and agreed with the following statements:

  • We save time triaging our most repetitive, basic security tasks by using automated security workflows.
  • We are more efficient, productive, and can do more with the staff we already have.
  • We improved our ability to collaborate and align responses to prioritized risks.

Gangadasari confirmed that since adopting Splunk SOAR, the team responds to security events 2x faster (e.g., a workflow that took 30 minutes to complete now takes 15 minutes), and that in their first 12 months of using Splunk SOAR, they experienced up to $500,000 in savings based on analyst time saved.





About This Data

This data was sourced directly from verified users of Splunk by TechValidate.

TechValidate verifies the identity and organizational affiliation of all participants that contribute to published research data. When research participants so desire, we also guarantee their anonymity so that they may share information honestly and freely.

