Security Orchestration Automation and Response (SOAR) Questions
Dec 13 2021
Hi infosec professionals,
Which deployment model should an enterprise organization choose and in which case?
Nov 22 2021
Hi community members,
Can you please share with other peers how Security Orchestration, Automation, and Response (SOAR) is different from XDR?
Thanks for the help!
Dec 10 2021
Why is a SOC important for an organization? What are the main challenges of the modern SOC?
Sep 23 2021
Hi community, We all know that it's important to conduct a trial / POC as part of the buying process. Do you have any advice for your peers about the best way to conduct a SOAR trial or POC? How do you conduct a trial effectively? What should be taken into consideration and are there any mis...
Sep 13 2021
Hot data is necessary for live security monitoring. Archive data (cold data) is not available quickly. It takes days to make archive data live if the archive data time frame is more than 30 days (in most of the SIEM solutions). As an example, SolarWinds said the attackers first compromised its...
Sep 03 2021
When one writes detection rules for SIEM solutions, what are the criteria of a good detection rule?
Can you share any examples?
Sep 08 2021
Hi community, We would like to hear your insights on the latest trends in SOC. What are you seeing in the field or forecasting? Please share your opinion on how these trends are going to influence the future of the relevant solutions, tools, etc. used in SOC. Looking forward to hearing your...
Hi, I'm looking for a technical comparison between Splunk Phantom SOAR and FireEye SOAR solutions.
Can anyone help with insights?
Sep 22 2021
Hi dear community,
Can you explain what an incident response playbook is and the role it plays in SOAR? How do you build an incident response playbook?
Do SOAR solutions come with a pre-defined playbook as a starting point?
Aug 31 2021
SIEM and SOAR have a lot of components in common. How do they differ in the role they play in Cyber Security? If you've been working in cybersecurity, you've likely come across SOAR and SIEM technologies. There are differences between their capabilities, although they have a fair amount of commo...
When evaluating Security Orchestration, Automation, and Response (SOAR), what aspect do you think is the most important to look for?
Let the community know what you think. Share your opinions now!
- What is the difference between SIEM and SOAR platforms?
- What is an incident response playbook and how is it used in SOAR?
- How to evaluate SIEM detection rules?
- Why is a Security Operations Center (SOC) important?
- What types of Security Operations Center (SOC) deployment models exist?
- What are the latest trends in Security Operations Center (SOC)?
- When evaluating Security Orchestration, Automation, and Response (SOAR), what aspect do you think is the most important to look for?
- Why are hot data and cold data differences in SIEM solutions not discussed sufficiently?
- What's the best way to trial Security Orchestration, Automation and Response (SOAR) solutions?