GigaOm Radar for Security Orchestration, Automation, and Response (SOAR) v1.0
Security Orchestration, Automation, and Response (SOAR) emerged as a product category in the mid-2010s. At that point, SOAR solutions were very much an automation and orchestration engine based on playbooks and integrations. Since then, the platforms have developed beyond the initial core SOAR capabilities to offer more holistic experiences to security analysts, with the aim of developing SOAR as the main workspace for practitioners.
Newer features offered by this holistic experience include case management, collaboration, simulations, threat enrichment, and visual correlations. Additionally, SOAR vendors have gradually implemented artificial intelligence (AI) and machine learning (ML) technologies to enable their platforms to learn from past events and fine-tune existing processes. This is where evolving threat categorization and autonomous improvement become differentiators in the space. While these two metrics are not critical for a SOAR platform, they may offer advantages in terms of reduced mean time to resolution (MTTR), resilience against employee turnover, and overall flexibility.
We’ve observed a lot of acquisition activity in the SOAR space. This was to be expected considering that, after 2015, a sizable number of pure-play SOAR vendors entered the market. Larger players with a wider security portfolio are acquiring these SOAR-specific vendors in order to enter the automation and orchestration market. We expect to see more SOAR acquisitions as the security tools converge, very likely into next-generation Security Information & Event Management products and services (SIEMs).
SIEM is a great candidate for a central management platform for security activities. It was designed to be a single source of truth, an aggregator of multiple security logs, but has been limited historically in its ability to carry out actions. In the past few years, however, SIEMs have either started developing their own automation and orchestration engines or integrated with third-party SOAR vendors. Through a number of acquisitions and developments, multiple players with wider security portfolios have begun to offer SOAR capabilities natively as part of other security solutions.
Going forward, we expect SOAR solutions to be further integrated into other products. This will include not only SIEM, but also solutions such as Extended Detection and Response (XDR) and IT automation. The number of pure-play SOAR vendors is unlikely to increase, although a handful may remain as fully agnostic solutions that enterprises can leverage in instances when their existing next-generation SIEM platforms do not meet all their use cases. However, for pure-play SOAR vendors to remain competitive, they will need to either expand into other security areas or consistently outperform their integrated counterparts…
We hired Chris with high expectations. He quickly proved to be agood choice as he grasped new concepts exceptionally well andshowed an aggressive personal learning regimen, surpassing his peers. I would highly recommend Chris in his future endeavors.
Ryan Privette, Virtela Technology Services Incorporated
I enjoy working with him on a professional and personal level.
Diane Turley, tw telecom
His intelligenceand wit are only outshone by his friendly and helpful nature. Working with Chris is always a pleasure and a smashing success.
Susan Forsman, tw telecom
Chris was the driving force behind the creation of the ISOCColorado chapter. I appreciated his leadership and technical skillsand his determination. I enjoyed working with Chris on this project and I am looking forward to doing it again.
Yannis Konstantopoulos, Lumen Technologies
Chris is a consummate professional. Motivated, expressive,talented in everything he attempts. His skills in making thingshappen for the better are top notch.
Mark Woodworth, CableLabs
I’ve never met anyone who worked as hard as he did at learning and absorbing new skills and technologies and then applying them to his work. He’s a very fast learner and an asset to anyone who has the fortune to work with him.
Kaelyn Bowman, Virtella Communications
Chris is just phenomenal. I met him a few years ago when he was starting with GigaOm and I saw him becoming one of the pillars of this organization in months. He is committed, talented, organised and full of enthusiasm. I don’t know how he manages it, but looks like his days are 36 hour long! In fact, he is not only a good manager but he has a boatload of other activities in parallel: blogs, podcasts, events, videos, and more. All developed with quality and users in mind. I enjoyed working with him and this collaboration also taught me a lot.
Enrico Signoretti, Juku consulting
Chris is an engineer and leader of the highest caliber as demonstrated by his ongoing volunteer responsibilities within the Internet technical community and his unwavering drive.
Connie Kendig, Internet Society
Chris was always on top of current technology and how thistechnology would fit into his current network environment. Chriswas a pleasure to work with and will be an asset to any organization lucky enough to hire him.
Steve Braden, Streakwave Wireless
Chris is highly technical and has excellent organizational andfollow up skills. I assigned Chris several initiatives whileassigned to my team and his performance was exceptional. He isself motivated and has extensive technical knowledge.
Ray Whinery, Time Warner Telecom
Working with Chris has been a real pleasure. He is open, friendly, intelligent, discreet, skilled, productive, driven, resourceful and trustworthy! Our organisation has really benefitted from Chris’s skills and knowledge.
Howard Baggott, Internet Society
Chris is one of the most professional individuals I have ever worked with. His dedication to the success of our organization was paramount. I always relied on him to engage in intricate troubles knowing they would receive appropriate attention and follow through. Chris is an immediate asset to any organization and is most certainly.
Jim Meslovich, CenturyLink Business for Enterprise
Chris was an amazing colleague to work with. I admire his ability to understand very technical concepts as well as business and market driven ones. He has amazing stakeholder management skills, and has the ability to build relationships and manage working groups and teams. He is a true leader who is very passionate about whatever he is working on. His desire for framing strategic direction and leading execution would be an asset to any organization. I would welcome any opportunity to work with Chris again.
Rupal Patel, CableLabs
Chris Grundemann was among the most energetic and competent members of our Council throughout his time as an elected member. I found(find) Chris a most thoughtful man who brought insight and experience to the role, but was also always a genuine and professional member exerting leadership with tact and good humor. I think highly of Chris both as a technical professional and community leader, but also as a trusted friend.
Bill Darte, ARIN Advisory Council
Chris excels at finding best practices for a company which in turn make processes more efficient and reliable. He uplifts those that report to him with encouragement for their work. His confidence in his role reflects in his work!
Kenyanna Cornely, GigaOm
Through the several tasks that we spent together in a professional environment, I have seen Chris accomplish things that many would consider impossible – both as a professional and technically – and neither has been a disappointment. Chris is a calculated risk-taker. He has an uncanny way of determining what the target market needs and has the capability of tweaking his designs and implementations accordingly. As a pragmatic leader and a realist, he can grasp ideas in a holistic manner and still pay attention to minor details. Chris has a well-deserved reputation as someone who is diligent and personable – two qualities that define him completely. As someone who is a creative thinker and possesses a can-do attitude, Chris is a pleasure to work with.
Kyle Smith, Markley
Chris is extremely knowledgeable and, more importantly, readilyshares that knowledge with his peers to promote better overall understanding and improvement.
Dan Zumar, Virtela Technology Services Incorporated
Chris is a strong team player with tremendous attention to detail. His approach was always well thought out with solid backing tohis ideas. His role and growth in the company were key to itssurvival. He was also very willing and able to wear multiple hats and was a flexible asset to have on hand.
Mikael Rasmussen, WavMax Broadband
Together we conquered many challenges, won impossible battles in the vendor industry and created a unique security practice. He has an interesting set of talents of being an engineer, innovator, and a thought leader, but never mixes any of these roles. That is what makes him successful as a leader. “Never be comfortable” is what Chris would tell me, which is what pushed me to do my first tech talk. I now have dozens behind me within some of the largest conferences known in the security vendor industry. Chris is nothing short of supernatural.
Leo Cruz, Myriad360
Chris is one of the sharpest minds you will be lucky to come across, whether in a personal or professional setting. His ability to cut through the noise and see the relevant elements and data in any situation is remarkable.
Chris is intensely focused, dedicated, and capable. He absorbs and synthesizes data quickly, finds the leverage points, focuses on what matters, and delivers results. Any high-performing team will get a boost from engaging with Chris.
Andy Fisher, Myriad360
We appreciated his work ethics andclarity of thought. His mind was always on the “next step” and kept us all on our toes.
Ed Partch, American Tech Support
Chris is one of the most brilliant technologists and charismaticspeakers I’ve met in a long time. He’s an absolute creative, has amind focused on solutions, and is driven by a deep belief in whathe does. He’s both an inspirational leader and great colleague. I’d work with Chris again any day of the week.
Lia Kiessling, Internet Society
I have worked with Chris on several projects over the years. His leadership, cooperation, and execution skills are first class. Chris looks at the big picture, identifies necessary actions, builds a plan, and gets the project done
Richard Jimmerson, ARIN
Chris Grundemann shares an infectious passion for technology and process. His decisiveness sets him apart from other leaders because he is more than willing to take risk for what he believes in. He empowers those around him and he trusts his direct reports to make good decisions. His ability to stand side by side with his team and still exhibit strong leadership is what makes him effective. Chris helped to launch the PMO office with a clear vision and plan that has helped us to establish governance and better business alignment.
Catina Ross, GigaOm
Chris is an exceptionally energetic individual, a talented thinkerand an accomplished public speaker. He is a very rewardingperson to work with due to the level of organization he brings toevery project. He has vision and probity, a rare combination. I has been a great privilege to work with him.
John Springer, ARIN Advisory Council
Chris isvery knowledgeable, is always willing to explain and discuss, andis great at pulling together everyone’s input and moving things forward. Working with him has been a great experience.
Lisa Ruby, Motorola
Chris has the talent to completely embrace and encompass atechnology and from that drive results. It is obvious that Chrisenjoys sharing his knowledge base and ideas with others. It wasa pleasure working with Chris.