// THREAT DETECTION AND DATA PRIVACY TERM

SOAR

SOAR stands for Security Orchestration, Automation, and Response. The term refers to platforms that help security teams manage and automate security operations tasks and incident response more efficiently. A SOAR platform combines different security tools and data sources into a single system to streamline workflows.


TECHNICAL DEFINITION

Security Orchestration, Automation, and Response (SOAR) platforms are cybersecurity solutions that integrate disparate security tools, automate security workflows, and facilitate incident response. They do this by centralizing data, managing security operations, and applying predefined playbooks for tasks like threat intelligence, vulnerability management, and incident remediation, which enhances operational efficiency and accelerates resolution times.

BACKGROUND

RTX Corporation, formerly Raytheon Technologies Corporation, is an American multinational aerospace and defense conglomerate headquartered in Arlington, Virginia. It is one of the largest aerospace and defense manufacturers in the world by revenue and market capitalization, as well as one of the largest providers of intelligence services. In 2023, the company's rank in the Forbes Global 2000 was 79. RTX manufactures aircraft engines, avionics, aerostructures, cybersecurity solutions, guided missiles, air defense systems, satellites, and drones. The company is a large military contractor, getting much of its revenue from the U.S. government.


SYNONYMS & ALIASES

  • Security Automation
  • Incident Response Automation
  • SOC Automation
  • Security Orchestration Platform
  • Automated Security Response

USAGE NOTE

SOAR is predominantly used in Security Operations Centers (SOCs) to improve the speed and consistency of incident response and security operations by automating repetitive tasks and orchestrating complex workflows.

DEVELOPERS

Organizations developing technology related to SOAR.

  • Palo Alto Networks

    Develops Cortex XSOAR, a leading security orchestration, automation, and response platform that unifies case management, automation, and real-time collaboration.

  • Splunk

    Offers Splunk SOAR (formerly Phantom), a platform designed to automate and orchestrate security operations, accelerate incident response, and improve overall security posture.

  • IBM

    Provides IBM Security QRadar SOAR (formerly Resilient), which helps security teams streamline incident response, automate tasks, and orchestrate complex workflows.

  • Rapid7

    Develops InsightConnect, a security orchestration, automation, and response (SOAR) solution that connects security tools and automates repetitive tasks to accelerate incident response.

  • Microsoft

    Offers Microsoft Sentinel, a cloud-native SIEM and SOAR solution that provides security analytics, threat intelligence, and automated response capabilities through playbooks and Logic Apps.

  • Fortinet

    Develops FortiSOAR, a comprehensive security orchestration, automation, and response platform that helps organizations manage and automate security operations across their infrastructure.

  • Swimlane

    A dedicated SOAR vendor, developing the Swimlane Turbine security automation platform designed to centralize and automate security operations for faster and more efficient incident response.

  • ServiceNow

    Provides Security Operations (SecOps) solutions that include SOAR capabilities, enabling organizations to automate incident response, vulnerability management, and security workflows within a unified platform.
