Security Orchestration, Automation, and Response (SOAR) emerged as a product category in the mid-2010s. At that point, SOAR solutions were very much an automation and orchestration engine based on playbooks and integrations. Since then, the platforms have developed beyond the initial core SOAR capabilities to offer more holistic experiences to security analysts, with the aim of developing SOAR as the main workspace for practitioners.
Newer features offered by this holistic experience include case management, collaboration, simulations, threat enrichment, and visual correlations. Additionally, SOAR vendors have gradually implemented artificial intelligence (AI) and machine learning (ML) technologies to enable their platforms to learn from past events and fine-tune existing processes. This is where evolving threat categorization and autonomous improvement become differentiators in the space. While these two metrics are not critical for a SOAR platform, they may offer advantages in terms of reduced mean time to resolution (MTTR), resilience against employee turnover, and overall flexibility.
We’ve observed a lot of acquisition activity in the SOAR space. This was to be expected considering that, after 2015, a sizable number of pure-play SOAR vendors entered the market. Larger players with a wider security portfolio are acquiring these SOAR-specific vendors in order to enter the automation and orchestration market. We expect to see more SOAR acquisitions as the security tools converge, very likely into next-generation Security Information & Event Management products and services (SIEMs).
SIEM is a great candidate for a central management platform for security activities. It was designed to be a single source of truth, an aggregator of multiple security logs, but has been limited historically in its ability to carry out actions. In the past few years, however, SIEMs have either started developing their own automation and orchestration engines or integrated with third-party SOAR vendors. Through a number of acquisitions and developments, multiple players with wider security portfolios have begun to offer SOAR capabilities natively as part of other security solutions.
Going forward, we expect SOAR solutions to be further integrated into other products. This will include not only SIEM, but also solutions such as Extended Detection and Response (XDR) and IT automation. The number of pure-play SOAR vendors is unlikely to increase, although a handful may remain as fully agnostic solutions that enterprises can leverage in instances when their existing next-generation SIEM platforms do not meet all their use cases. However, for pure-play SOAR vendors to remain competitive, they will need to either expand into other security areas or consistently outperform their integrated counterparts…
We hired Chris with high expectations. He quickly proved to be a good choice as he grasped new concepts exceptionally well and showed an aggressive personal learning regimen, surpassing his peers. I would highly recommend Chris in his future endeavors.
I enjoy working with him on a professional and personal level.
His intelligence and wit are only outshone by his friendly and helpful nature. Working with Chris is always a pleasure and a smashing success.
Chris was the driving force behind the creation of the ISOC Colorado chapter. I appreciated his leadership and technical skills and his determination. I enjoyed working with Chris on this project and I am looking forward to doing it again.
Chris is a consummate professional. Motivated, expressive, talented in everything he attempts. His skills in making things happen for the better are top notch.
I’ve never met anyone who worked as hard as he did at learning and absorbing new skills and technologies and then applying them to his work. He’s a very fast learner and an asset to anyone who has the fortune to work with him.
Chris is an engineer and leader of the highest caliber as demonstrated by his ongoing volunteer responsibilities within the Internet technical community and his unwavering drive.
Chris was always on top of current technology and how this technology would fit into his current network environment. Chris was a pleasure to work with and will be an asset to any organization lucky enough to hire him.
Chris is highly technical and has excellent organizational and follow up skills. I assigned Chris several initiatives while assigned to my team and his performance was exceptional. He is self motivated and has extensive technical knowledge.
Working with Chris has been a real pleasure. He is open, friendly, intelligent, discreet, skilled, productive, driven, resourceful and trustworthy! Our organisation has really benefitted from Chris’s skills and knowledge.
Chris is one of the most professional individuals I have ever worked with. His dedication to the success of our organization was paramount. I always relied on him to engage in intricate troubles knowing they would receive appropriate attention and follow through. Chris is an immediate asset to any organization and is most certainly.
Chris was an amazing colleague to work with. I admire his ability to understand very technical concepts as well as business and market driven ones. He has amazing stakeholder management skills, and has the ability to build relationships and manage working groups and teams. He is a true leader who is very passionate about whatever he is working on. His desire for framing strategic direction and leading execution would be an asset to any organization. I would welcome any opportunity to work with Chris again.
Chris Grundemann was among the most energetic and competent members of our Council throughout his time as an elected member. I found(find) Chris a most thoughtful man who brought insight and experience to the role, but was also always a genuine and professional member exerting leadership with tact and good humor. I think highly of Chris both as a technical professional and community leader, but also as a trusted friend.
Through the several tasks that we spent together in a professional environment, I have seen Chris accomplish things that many would consider impossible – both as a professional and technically – and neither has been a disappointment. Chris is a calculated risk-taker. He has an uncanny way of determining what the target market needs and has the capability of tweaking his designs and implementations accordingly. As a pragmatic leader and a realist, he can grasp ideas in a holistic manner and still pay attention to minor details. Chris has a well-deserved reputation as someone who is diligent and personable – two qualities that define him completely. As someone who is a creative thinker and possesses a can-do attitude, Chris is a pleasure to work with.
Chris is extremely knowledgeable and, more importantly, readily shares that knowledge with his peers to promote better overall understanding and improvement.
Chris is a strong team player with tremendous attention to detail. His approach was always well thought out with solid backing to his ideas. His role and growth in the company were key to its survival. He was also very willing and able to wear multiple hats and was a flexible asset to have on hand.
Together we conquered many challenges, won impossible battles in the vendor industry and created a unique security practice. He has an interesting set of talents of being an engineer, innovator, and a thought leader, but never mixes any of these roles. That is what makes him successful as a leader. “Never be comfortable” is what Chris would tell me, which is what pushed me to do my first tech talk. I now have dozens behind me within some of the largest conferences known in the security vendor industry. Chris is nothing short of supernatural.
Chris is one of the sharpest minds you will be lucky to come across, whether in a personal or professional setting. His ability to cut through the noise and see the relevant elements and data in any situation is remarkable.
Chris is intensely focused, dedicated, and capable. He absorbs and synthesizes data quickly, finds the leverage points, focuses on what matters, and delivers results. Any high-performing team will get a boost from engaging with Chris.
We appreciated his work ethics and clarity of thought. His mind was always on the “next step” and kept us all on our toes.
Chris is one of the most brilliant technologists and charismatic speakers I’ve met in a long time. He’s an absolute creative, has a mind focused on solutions, and is driven by a deep belief in what he does. He’s both an inspirational leader and great colleague. I’d work with Chris again any day of the week.
I have worked with Chris on several projects over the years. His leadership, cooperation, and execution skills are first class. Chris looks at the big picture, identifies necessary actions, builds a plan, and gets the project done
Chris is an exceptionally energetic individual, a talented thinker and an accomplished public speaker. He is a very rewarding person to work with due to the level of organization he brings to every project. He has vision and probity, a rare combination. I has been a great privilege to work with him.
Chris is very knowledgeable, is always willing to explain and discuss, and is great at pulling together everyone’s input and moving things forward. Working with him has been a great experience.
Chris has the talent to completely embrace and encompass a technology and from that drive results. It is obvious that Chris enjoys sharing his knowledge base and ideas with others. It was a pleasure working with Chris.
Chris was one of the go-to guys