NetApp and Cisco teamed up to help companies improve their defenses against cyber threats. They made a new NetApp Splunk SOAR playbook that lets businesses tackle ransomware right where important data lives – the storage layer. This is built on top of what they already had with Splunk Enterprise Security and NetApp Ransomware Resilience. With the new playbook, security teams can respond to threats by, say, stopping suspicious users, creating data snapshots, and separating storage volumes to keep infections from spreading. They do this using threat signals from Splunk and other security tools which now automatically trigger actions in NetApp ONTAP storage systems. “With AI accelerating both the speed and sophistication of cyberattacks, the window to respond has never been smaller,” said Sandeep Singh, Senior Vice President and General Manager, Platform at NetApp. “To limit the cost and impact of ransomware, organizations must act the moment a threat is detected, which means extending security automation into the storage layer where data lives.
Also Read: Meta Launchs AI-Powered Business Agent to Automate Customer Engagement and Operations
“Effective security strategies require visibility and action across the entire technology stack, including the data layer,” said David Dalling, GVP, Splunk Security at Cisco. “With the new NetApp Splunk SOAR playbook, ONTAP storage becomes an active participant in the security ecosystem, enabling organizations to contain threats directly targeting enterprise data. By connecting NetApp storage into Splunk SOAR workflows, we’re helping security and storage teams collaborate more seamlessly and respond to incidents with greater speed and confidence.” By combining NetApp’s Intelligent Data Infrastructure with Splunk’s analytics, observability and automation capabilities, the partnership aims to provide real-time visibility, faster threat response and stronger protection against evolving ransomware threats.