
linkedin.com/in/satheeshkv #LetsConnect

SOAR (Security Orchestration, Automation and Response)

#SecurityPlatform
What is SOAR?

SOAR (Security Orchestration, Automation and Response) is a technology platform that streamlines and automates security operations tasks. It integrates a range of security tools and technologies to enable security teams to detect, investigate, and respond to security threats quickly and efficiently.

@satheeshkv
How does it work?

Use Cases

Incident response: SOAR can help security teams detect and respond to security incidents more quickly and effectively, reducing the impact of attacks.

Threat hunting: SOAR can automate the process of searching for potential threats within an organization's IT environment, freeing up security analysts to focus on more complex tasks.

Compliance: SOAR can help organizations meet compliance requirements by automating tasks such as log collection, analysis, and reporting.

Benefits
Faster incident response: SOAR can help security teams respond to security incidents faster, reducing the impact of attacks.

Reduced workload for security analysts: By automating routine tasks, SOAR can free up security analysts to focus on more complex tasks.

Improved accuracy: By automating tasks such as data collection and analysis, SOAR can reduce the risk of human error.

Greater efficiency: SOAR can help organizations improve the efficiency of their security operations by automating repetitive tasks and streamlining workflows.

SIEM vs SOAR

While SOAR and SIEM (Security Information and Event Management) are both security technologies, they serve different purposes. SIEM is focused on collecting, analyzing, and correlating security data from various sources to detect potential security incidents. SOAR, on the other hand, is focused on automating security operations tasks such as incident response and threat hunting.

In other words, SIEM is a tool for monitoring and detection, while SOAR is a tool for incident response and remediation. While they have some overlap, they are typically used together as part of a larger security operations strategy.
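As an added illustration (not from this page or from any of the vendor products listed below), a minimal Python playbook runner showing the SIEM-to-SOAR handoff described above: a constructed SIEM alert is enriched, triaged, and answered with orchestrated response actions, with a human-approval gate for the disruptive step on critical assets. The alert fields, the threat-intel set, the asset list and the action names are all assumptions made for the example.

```python
"""Minimal SOAR-style playbook runner (added illustration, not vendor code).
Models the SIEM -> SOAR handoff: a SIEM alert comes in, the playbook enriches
it, assigns a severity, and orchestrates response actions. All data is constructed."""
from dataclasses import dataclass, field

KNOWN_BAD_IPS = {"203.0.113.45"}  # constructed threat-intel feed (TEST-NET-3 range)
CRITICAL_ASSETS = {"dc01"}        # constructed: hosts never auto-isolated

@dataclass
class Alert:            # shape of a constructed SIEM alert
    rule: str
    src_ip: str
    host: str
    failed_logins: int = 0

@dataclass
class Outcome:
    severity: str
    actions: list = field(default_factory=list)           # executed automatically
    pending_approval: list = field(default_factory=list)  # held for an analyst

def enrich(alert: Alert) -> dict:
    """Enrichment step: add threat-intel and asset context to the alert."""
    return {"ip_known_bad": alert.src_ip in KNOWN_BAD_IPS,
            "critical_asset": alert.host in CRITICAL_ASSETS}

def triage(alert: Alert, ctx: dict) -> str:
    """Decision step: derive a severity from the alert plus enrichment."""
    if ctx["ip_known_bad"] or alert.failed_logins >= 50:
        return "high"
    return "medium" if alert.failed_logins >= 10 else "low"

def run_playbook(alert: Alert) -> Outcome:
    """Orchestrate enrich -> triage -> respond for one SIEM alert."""
    ctx = enrich(alert)
    out = Outcome(severity=triage(alert, ctx))
    out.actions.append(f"ticket:open:{alert.rule}")  # every alert gets a case
    if out.severity == "high":
        out.actions.append(f"firewall:block:{alert.src_ip}")
        # Isolation is disruptive: run it automatically only off critical assets.
        target = out.pending_approval if ctx["critical_asset"] else out.actions
        target.append(f"edr:isolate:{alert.host}")
    elif out.severity == "medium":
        out.actions.append(f"idp:require_mfa:{alert.host}")
    return out
```

In a real deployment each action string would map to an integration call into the SIEM, firewall, EDR or identity provider, which is the orchestration layer the tools below provide.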

Tools

Splunk Phantom
Demisto by Palo Alto Networks
IBM Resilient
Swimlane
Cybersponse
