SOAR TechAdvice video | SC Media

SOAR TechAdvice video

Discussion Topics

Many organizations have two problems, they have SIEM and EDR tools that are not integrated. To solve the problem they buy yet another tool such as a SOAR platform to integrate and orchestrate these tools, now they have three problems. While SOAR platforms promise amazing automation and orchestration capabilities, they still require that the tools integrated into the platform be properly configured and tuned, and many of the SOAR platforms themselves are incredibly complex systems that more resemble a development platform, than a simple drag and drop interface. To implement a SOAR platform requires a team that is proficient in programming languages, understand the API integrations of the various security tools as well as clearly defined security processes and playbooks. Most organizations lack the resources and tools to deploy and managed a SIEM and EDR, and the addition of SOAR only increases the complexity.