Why SOAR and why now?
“The Gartner report reinforced the notion that there are too many security alarms and not enough people to deal with them. Without centralized security orchestration and incident response capabilities, SecOps teams are stuck manually collecting and stitching together threat information. This means security professionals are working from manual playbooks specific to individual incidents. It can be time-consuming and tedious. There’s a debilitating reduction in time they could be devoting to proactively hunting and defending their network from cyber-attacks.
Such circumstances are causing SOAR to grow in adoption and influence. Gartner estimates that by 2020, 15% of security organizations with five or more security professionals will adopt SOAR. This an increase from the current adoption rate of less than 1%. As the report notes, “The challenges from an increasingly hostile threat landscape, combined with a lack of people, expertise and budget are driving organizations toward security orchestration, automation and response (SOAR) technologies.”
Information from Swimlane