SOAR (Orchestration - Automation - Response)

Shield IT helps customers deploy SOAR platforms to improve the efficiency of their physical and digital security operations in face of persistent cyber threats.

 

SOAR (security orchestration, automation and response) is a stack of compatible software programs that enables organisations to collect data on security threats and respond automatically without human intervention.

 

SOAR platforms have three main components: (1) Security orchestration, (2) Security automation and (3) Security response.

 

Security orchestration

Connects and integrates disparate internal and external tools via built-in or custom integrations and application programming interfaces (APIs).

 

Security automation

Fed by the data and alerts collected from security orchestration, security automation ingests and analyses data and creates repeated, automated processes to replace manual processes.

 

Security response

Offers a single view for analysts into the planning, managing, monitoring and reporting of actions carried out once a threat is detected; besides commissioning post-incident response activities.