SOAR (security orchestration automation and response)
SOAR is a software solution that allows an organization to collect data about security threats from multiple sources and respond without human assistance to improve a SOC’s efficiency. According to Gartner, the 3 most important aspects of a SOAR solution are as follows:
- Threat and vulnerability management, meaning the technology support the remediation of vulnerabilities.
- Security incident response, meaning the solution helps an organization plan, manage, track and coordinate the response to a security incident.
- Security operations automation, meaning the SOAR solution supports the automation and orchestration of workflows, processes, policy execution and reporting.