Gartner Blog Network

Category: 'soar' Blog Posts

from the Gartner Blog Network

Canned Playbooks: Are They Realistic?

by Anton Chuvakin  |  March 15, 2019

One of the new ideas we had for a 2019 research paper is something clients often (well, often–ish) ask about: what to do if you encounter a particular threat or...

Read more »

Comments: 2

Two Doors to SOAR Visual

by Anton Chuvakin  |  March 8, 2019

This post is inspired by an idea (and a visual) from my esteemed colleague Toby Bussa. It reflects our view that while you have TWO major routes to security orchestration,...

Read more »

Comments: 2

SOAR-native SOC, Can This Work?

by Anton Chuvakin  |  July 13, 2018

This post is part of our current SOC research, but it also touches on our past SOAR research. Here is the thing: when we looked at SOAR technology, we mostly...

Read more »

Comments: 6

Can You Do a SIEM-less SOC?

by Anton Chuvakin  |  June 26, 2018

Along the lines of this post where we discussed the concept of “SIEM alternatives”, let’s discuss this in the context of a modern SOC. Will I ever do or recommend...

Read more »

Comments: 5

SOAR Webinar Questions - Answered

by Anton Chuvakin  |  April 16, 2018

Here are my recent SOAR webinar Q&A (also see webinar recording link, our amazing SOAR paper [Gartner GTP access required, but everybody can see the outline]) The questions are edited...

Read more »

Upcoming Webinar: Prepare Your Security Operations for Orchestration and Automation Tools

by Anton Chuvakin  |  March 28, 2018

I am super-super-busy preparing the materials for Gartner Security Summit 2018, but here is a quick one – I am doing a webinar on SOAR next week. Title: “Prepare Your...

Read more »

Comments: 1

SOAR and Ticketing: Friends, Frenemies or the Same thing?

by Anton Chuvakin  |  November 3, 2017

We continue our journey through SOAR mysteries with this one: what is the relationship between case management (aka ticketing) and SOAR? So far, we have encountered these views (overdramatized for...

Read more »

Comments: 6

SOAR and "Curve-jumping" in Security Operations

by Anton Chuvakin  |  October 20, 2017

Lets think about this together -- can you really jump to the “next curve” in security, or do you have to travel the entire journey from the old ways to...

Read more »

Comments: 7

SOAR: Magic or Mundane?

by Anton Chuvakin  |  October 6, 2017

When we think of Security Orchestration, Automation and Response (SOAR) nowadays (and we do think a lot about SOAR), we primarily think of this: SOAR = security workflow + security...

Read more »

Comments: 3

SOAR Research Coming ... Brace for Impact!!

by Anton Chuvakin  |  September 13, 2017

We interrupt our regular (SIEM, for now) programming to pre-announce our Q4 2017 (to spill over onto 2018) research on SOAR (which, by then, will likely stand for Security Orchestration,...

Read more »

Comments: 9