What is SOAR?
SOAR (Security Orchestration, Automation and Response) is a solution stack of compatible software programs that allow an organization to collect data about security threats from multiple sources and respond to low-level security events without human assistance. The goal of using a SOAR stack is to improve the efficiency of physical and digital security operations. The term, which was coined by the research firm Gartner, can be applied to compatible products and services that help define, prioritize, standardize and automate incident response functions.
- Demisto – Palo Alto
- LogRhythm SMART Responses
- Ansible – https://www.ansible.com/overview/it-automation
- ServiceNow – https://www.servicenow.com/products/orchestration.html
- DFLabs IncMan SOAR – https://www.dflabs.com/incman-soar-community-edition/
- SOAR Platforms eBook: Everything you need to know about security orchestration, automation, and response
- From Splunk: The-soar-buyers-guide.pdf
- From Swimlane: SOAR_Capabilities_e_book.pdf
- The Phoenix Project
- Incident Response Automation and Security Orchestration with SOAR