Security Orchestration, Automation and Response

Why Trust Techopedia

What Does Security Orchestration, Automation and Response Mean?

Security Orchestration, Automation and Response (SOAR) is an IT stack helping companies and organizations to deal with security threats. In a collection of physical and digital security tools, SOAR provides an architecture for optimal security response. For example, a SOAR resource set could include new kinds of software packages that run on top of firewalls or perimeter security hardware, arranging new and more sophisticated processes beyond simple perimeter security.

Advertisements

Techopedia Explains Security Orchestration, Automation and Response

A SOAR setup can help with threat and vulnerability management, as well as security incident response. Some tools also offer automated resources. SOAR can be contrasted with SIEM or security information and event management, as SOAR is being applied to enhance what is possible through SIEM models. Again, SOAR can enhance existing security models by providing overarching automation and coordination strategies. Perhaps there are several standalone security tools that are not linked to one another. With monitoring, integrated threat detection and incident response, and other features, a SOAR architecture works proactively to keep a system protected.

Advertisements

Related Terms

Margaret Rouse
Technology expert
Margaret Rouse
Technology expert

Margaret is an award-winning writer and educator known for her ability to explain complex technical topics to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles in the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret’s idea of ​​a fun day is to help IT and business professionals to learn to speak each other’s highly specialized languages.