Security analysts face high alert volumes, an overload of point products to manage and a shortage of skilled talent. Security orchestration, automation and response (SOAR) tools have served as remedies.
But not all SOAR solutions are created equal. In this white paper, Splunk outlines 10 essential capabilities that should be top of mind when evaluating SOAR technology, including:
- Machine-based execution of security actions using ‘playbooks’ to increase speed and efficiency
- Event and alert management capabilities to prioritize inbound security events
- Case management to drive holistic management of a security incident, from inception to resolution