Security Orchestration, Automation, and Response (SOAR) emerged as a product category in the mid-2010s. At that point, SOAR solutions were very much an automation and orchestration engine based on playbooks and integrations. Since then, the platforms have developed beyond the initial core SOAR capabilities to offer more holistic experiences to security analysts, with the aim of developing SOAR as the main workspace for practitioners.
Newer features offered by this holistic experience include case management, collaboration, simulations, threat enrichment, and visual correlations. Additionally, SOAR vendors have gradually implemented artificial intelligence (AI) and machine learning (ML) technologies to enable their platforms to learn from past events and fine-tune existing processes. This is where evolving threat categorization and autonomous improvement become differentiators in the space. While these two metrics are not critical for a SOAR platform, they may offer advantages in terms of reduced mean time to resolution (MTTR), resilience against employee turnover, and overall flexibility.
We’ve observed a lot of acquisition activity in the SOAR space. This was to be expected considering that, after 2015, a sizable number of pure-play SOAR vendors entered the market. Larger players with a wider security portfolio are acquiring these SOAR-specific vendors in order to enter the automation and orchestration market. We expect to see more SOAR acquisitions as the security tools converge, very likely into next-generation Security Information & Event Management products and services (SIEMs).
SIEM is a great candidate for a central management platform for security activities. It was designed to be a single source of truth, an aggregator of multiple security logs, but has been limited historically in its ability to carry out actions. In the past few years, however, SIEMs have either started developing their own automation and orchestration engines or integrated with third-party SOAR vendors. Through a number of acquisitions and developments, multiple players with wider security portfolios have begun to offer SOAR capabilities natively as part of other security solutions.
Going forward, we expect SOAR solutions to be further integrated into other products. This will include not only SIEM, but also solutions such as Extended Detection and Response (XDR) and IT automation. The number of pure-play SOAR vendors is unlikely to increase, although a handful may remain as fully agnostic solutions that enterprises can leverage in instances when their existing next-generation SIEM platforms do not meet all their use cases. However, for pure-play SOAR vendors to remain competitive, they will need to either expand into other security areas or consistently outperform their integrated counterparts…
Related Projects
I count my time working with Chris among my most rewarding professional experiences. Chris is someone with a voracious appetite for knowledge and a desire to understand the world around him. While these traits make him an incredible thought partner that excels at introducing new concepts and riffing off the ideas of others…it also makes him a multiplier, someone that helps others sharpen their own thinking by forcing them to be more introspective, to be more curious about what’s possible, and to think critically and objectively about the reality of a situation.
Chris is a tide that raises many boats, not just through his ability to cultivate innovation and promote positive disruption, but by the example he sets. Chris is one of the most accountable people I’ve ever known and consistently demonstrated a knack for bringing order to chaos, prioritizing diffuse – and often conflicting – objectives, and producing positive outcomes in situations where the deck seemed stacked in such a way that that doing so appeared impossible.
In a wireless organization the network your products operate on needs to be reliable, dependable and operating at top efficiency. Chris made sure that was a reality. Chris was a leader in the day to day operation of our network, on initiating improvement designs for the future and helping out the other departments to close performance gaps. There was never a problem to hard to solve, a solution he was not willing to seek out or a cutting edge idea he hadn’t already researched.
Chris was always on top of current technology and how this technology would fit into his current network environment. Chris was a pleasure to work with and will be an asset to any organization lucky enough to hire him.
I’ve never met anyone who worked as hard as he did at learning and absorbing new skills and technologies and then applying them to his work. He’s a very fast learner and an asset to anyone who has the fortune to work with him.
Chris has the talent to completely embrace and encompass a technology and from that drive results. It is obvious that Chris enjoys sharing his knowledge base and ideas with others. It was a pleasure working with Chris.
Chris was one of the go-to guys whenever there were complex problems. He has the knowledge, desire and potential to advance in any position he chooses. It was a pleasure working with him.
One thing everyone should know about Chris, he always provides nothing less then quality customer service and technical support. His professionalism and skill far exceeds all expectations because he always goes the extra mile.
Chris was an excellent coach, mentor and problem solver. Chris consistently possesses a “can do” attitude while taking on more and more responsibility and taking the time to fully understand, upskill and learn as required for success. Chris is very organized and patient. He is proactive in identifying and addressing risks and issues that could erstwhile derail hard-earned successes. Chris’ list of talents and intangibles is long, but never a surprise once you get the opportunity to work with him.
I have worked with Chris on several projects over the years. His leadership, cooperation, and execution skills are first class. Chris looks at the big picture, identifies necessary actions, builds a plan, and gets the project done
Chris is a great asset to any company. His dedication and drive for results makes him a consistent high achiever.
Chris is extremely knowledgeable and, more importantly, readily shares that knowledge with his peers to promote better overall understanding and improvement.
Chris is highly technical and has excellent organizational and follow up skills. I assigned Chris several initiatives while assigned to my team and his performance was exceptional. He is self motivated and has extensive technical knowledge.
Chris was the driving force behind the creation of the ISOC Colorado chapter. I appreciated his leadership and technical skills and his determination. I enjoyed working with Chris on this project and I am looking forward to doing it again.
His intelligence and wit are only outshone by his friendly and helpful nature. Working with Chris is always a pleasure and a smashing success.
Chris is always happy to contribute to a discussion or to an issue and is more than happy to lend a hand to both assist team members with their tasks or to lend his expertise in order to benefit the requestor. He is constantly providing knowledge transfer in a peer to peer manner, engaging others to work together to move a project forward or to resolve an issue. Most importantly, Chris is an open and honest communicator about whatever the topic of the moment is, something that is refreshing in today’s world. I could always count of Chris to lend his opinion or his ideas to any subject matter, and this becomes an important contribution for any team. Chris has tremendous talent and is a very hard working, team player. I would welcome Chris to my team at any point in the future.
He would always be available as a sounding board for complex issues and provided me with amazing insight on long term planning and ways to scale up teams and business processes.
Chris is very knowledgeable, is always willing to explain and discuss, and is great at pulling together everyone’s input and moving things forward. Working with him has been a great experience.
Chris is an excellent worker with a driving pulse for new technology and leading the industry. His work ethic is second-to-none and his teaming with others always ensures fantastic collaboration with positive outcomes. I am confident that Chris will continue to drive new technology evolution in our industry.
Chris consistently generates and delivers on new and creative ideas both within the guided bounds of a project or team goal as