SANS SOAR Solutions Forum
June 18 @ 10:30 am - 2:30 pm
Don’t miss the Crash at the SANS SOAR Solutions Virtual Forum on June 18th. One of our own,
Leon Ward, will be delivering a presentation during the event so make sure to tune in.
Security Orchestration, Automation and Response (SOAR) tooling is intended to increase efficiency
and consistency. These tools also promise to diminish the cost of operating a Security Operations
Center (SOC) for most organizations. If used properly, these tools can do all of these things. The
challenge is that the tools are frequently bought to avoid the one thing that most organizations
don›t seem to be able to do on their own: figuring out the sequence of actions that need to be
automated and bringing together the mass of data from disparate tools.
Investing in a SOAR platform is strategic and oftentimes a financially beneficial decision. SOAR
systems can help define, prioritize, and standardize responses to cyber incidents. This process
occurs when an organizations security team uses the platform to gain insight on an attackers
tactics, techniques, and procedures (TTPs) and known indicators of compromise (IOC).