NetApp and Cisco Expand Collaboration to Enhance Cybersecurity
NetApp (NTAP) and Cisco (CSCO) announced an expansion of their collaboration to help customers strengthen defense-in-depth strategies for customers. Combining Intelligent Data Infrastructure with advanced analytics and observability capabilities, NetApp and Splunk have delivered deep, real-time visibility into storage and infrastructure health. Together, they are helping customers turn operational data into actionable insights that improve reliability, security, and business outcomes. By expanding their collaboration with the new NetApp Splunk Security Orchestration, Automation, and Response playbook, NetApp and Splunk are helping joint customers contain ransomware attacks and limit data loss at the storage layer, enhancing the containment of the blast radius of cyberattacks while increasing the speed and reducing the cost of recovery. To give customers the resiliency and flexibility they need to protect their data, Cisco and NetApp are releasing the NetApp Splunk SOAR playbook. Splunk Enterprise Security is already integrated with NetApp Ransomware Resilience to collect analytics from the data layer, enhancing incident triage and prioritization. With the new playbook, Splunk SOAR users can now use those signals as well as signals from other solutions to automatically take incident response actions directly on NetApp ONTAP storage as an integral part of their incident response. These actions include blocking a suspicious user, taking snapshots of the data and taking data volumes offline to protect against further infection. As a result, customers will be better able to contain ransomware attacks and limit data loss at the storage layer. Utilized as part of the organization's defense in depth security strategy, the NetApp Splunk SOAR playbooks help to strengthen collaboration between security and storage teams.