SOAR Solutions Forum 2022

  • Scheduled to Air Thursday, 10 Mar 2022 10:30AM EST (10 Mar 2022 15:30 UTC)
  • Speaker: Christopher Crowley
The SOAR Solutions Forum will explore best practices of selection, implementation,
operations, and staff use of SOAR tools. Investing in a SOAR platform is strategic and financially beneficial decision. SOAR systems can help define, prioritize, and standardize responses to cyber incidents. SOAR promises to reduce Security Operations Center (SOC) operating cost. If implemented properly, and with a commitment to ongoing operational adjustment, the SOAR can become an enabler, tracker, metrics collector, and procedure knowledge base.

The pace of IT change has become difficult to keep up with for SOCs. The SOC team should use the SOAR platform to gain insight on what the SOC does and perform it with greater speed, precision, and consistency. The challenge is SOAR tools are frequently bought to avoid the one thing that most organizations don't seem to be able to do on their own: figuring out the sequence of actions that need to be automated and bringing together the mass of data from disparate tools. The SOAR tool doesn’t replace SIEMs or analysts. It’s a tool to provide support to the analyst and enable the full power of a SIEM.