Security orchestration

Security orchestration, automation and response (SOAR) is a group of cybersecurity technologies that allow organizations to respond to some incidents automatically. It collects the inputs the security operations team monitors, such as alerts from the security information and event management (SIEM) system, the threat intelligence platform (TIP), and other security technologies, and helps define, prioritize, and drive standardized incident response activities.

Organizations use SOAR platforms to improve the efficiency of physical and digital security operations. SOAR enables administrators to handle security alerts without the need for manual intervention. When a network tool detects a security event, SOAR can either alert the administrator or take another predefined action, depending on the event’s nature.
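
The flow described above (collect alerts from several tools, prioritize them, then either run a predefined action or alert the administrator) is sketched below. This is an added illustration, not code from any SOAR product; the playbook table, event kinds, action names, scoring rule and sample alerts are all hypothetical.

```python
from dataclasses import dataclass

SEVERITY = {"low": 1, "medium": 2, "high": 3, "critical": 4}

# Hypothetical playbooks: event kind -> (predefined action, minimum score to run it unattended)
PLAYBOOKS = {
    "malware_detected": ("isolate_host", "high"),
    "brute_force_login": ("lock_account", "medium"),
    "indicator_match": ("block_destination", "medium"),
}

@dataclass(frozen=True)
class Alert:
    source: str    # feeding tool, e.g. "siem" or "tip"
    kind: str      # nature of the event
    severity: str  # key of SEVERITY
    entity: str    # host or account concerned

def priority(alert, all_alerts):
    """Severity score, plus one when a different source reports the same entity."""
    corroborated = any(o.entity == alert.entity and o.source != alert.source
                       for o in all_alerts)
    return SEVERITY[alert.severity] + (1 if corroborated else 0)

def decide(alert, score):
    """Return the predefined action if one applies, otherwise hand off to a person."""
    playbook = PLAYBOOKS.get(alert.kind)
    if playbook is None:
        return "notify_admin"  # no standardized response defined for this kind
    action, minimum = playbook
    return action if score >= SEVERITY[minimum] else "notify_admin"

def triage(alerts):
    """Order the queue highest score first and attach a decision to each alert."""
    scored = sorted(((priority(a, alerts), a) for a in alerts),
                    key=lambda pair: pair[0], reverse=True)
    return [(a.entity, a.kind, score, decide(a, score)) for score, a in scored]

# Constructed sample alerts, not real telemetry.
SAMPLE_ALERTS = [
    Alert("siem", "brute_force_login", "low", "account:jdoe"),
    Alert("siem", "malware_detected", "medium", "host:ws-042"),
    Alert("tip", "indicator_match", "medium", "host:ws-042"),
    Alert("siem", "unusual_dns_volume", "high", "host:db-007"),
]

if __name__ == "__main__":
    for row in triage(SAMPLE_ALERTS):
        print(row)
```

The medium-severity malware alert is acted on automatically only because the TIP corroborates it; the high-severity DNS alert has no playbook and therefore goes to the administrator.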