HYAS Insight and Splunk SOAR Integration Overview

This solution brief outlines the integration of HYAS Insight with Splunk SOAR, which aims to enhance security automation through automated infrastructure intelligence. The integration provides real-time data on adversary infrastructure, enabling security teams to improve their playbooks and reduce investigation time. By embedding HYAS capabilities into Splunk SOAR workflows, analysts can efficiently uncover relationships, attribute attacks, and act without manual interventions. The document details key benefits such as automated infrastructure enrichment, faster playbook execution, and reduced alert fatigue. It also describes specific actions supported by the HYAS Insight app, including command and control lookups and WHOIS lookups. Additionally, example use cases illustrate how the integration can facilitate automated threat containment and proactive threat sweeps. The brief emphasizes the importance of real-time visibility into adversary infrastructure for effective threat management.