This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Security Operations SOAR - Journey Overview

2 weeks ago

jstoner
Staff
0 0 28

SecOps SOAR relies on the Unified Data Model (UDM) foundation of SecOps' SIEM functionality to provide security orchestration and automation.

While SIEM correlates and contextualizes information for manual action by a SecOps team, SOAR expedites response processes through security automation and orchestration. The core of SecOps SOAR is automation playbooks.

Playbooks define the automated actions to take when specific conditions (events, or combinations of events) are triggered. SecOps SAOR provides several common playbooks, while providing the ability to import, or create custom playbooks for your SecOps workflows.

Journey

soar-product-journey.png

 

Actions

In the SecOps SOAR Journey you will navigate through five main tasks of implementation:

  1. Configure Integrations
  2. Configure Playbooks
  3. Utilize Chronicle Marketplace
  4. Custom Integrations
  5. Incident Manager

Next Steps: Security Operations SOAR: Step 1 - Configure Integrations

Topic Labels
Contributors
0 Likes
Version history
Last update:
2 weeks ago
Updated by: