SOAR is a software solution that allows an organization to collect data about security threats from multiple sources and respond without human assistance to improve a SOC’s efficiency. According to Gartner, the 3 most important aspects of a SOAR solution are as follows:

  1. Threat and vulnerability management, meaning the technology support the remediation of vulnerabilities.
  2. Security incident response, meaning the solution helps an organization plan, manage, track and coordinate the response to a security incident.
  3. Security operations automation, meaning the SOAR solution supports the automation and orchestration of workflows, processes, policy execution and reporting.