SECURITY ORCHESTRATION (AUTOMATION AND RESPONSE)
What is SOAR ?
SOAR (Security Orchestration, Automation, and Response) is a solution stack of compatible software programs that allow an organization to collect data about security threats from multiple sources and respond to low-level security events without human assistance. The goal of using a SOAR stack is to improve the efficiency of physical and digital security operations. The term, which was coined by the research firm Gartner, can be applied to compatible products and services that help define, prioritize, standardize, and automate incident response functions.
Why Palo Alto ?
- Coordinate security product actions through automatable workflows with human control. Understaffed security teams struggle to follow standard processes in the face of rising alert volumes and product proliferation. Demisto and SOAR have emerged to fill in these industry gaps and help your analysts breathe a little easier.
- Demisto’s orchestration enables security teams to ingest alerts across sources and execute standardized, automatable playbooks for accelerated incident response. Demisto’s playbooks are powered by 100s of integrations and 1000s of security actions, striking the right balance between rapid machine execution and nuanced human oversight.