Last week marked an important milestone for the Security Orchestration and Automation market. Gartner Research issued their most comprehensive research to date - Innovation Insight for Security Orchestration, Automation and Response or SOAR for short (Available to Gartner subscribers).
The research paper is a great read and provides key insights into the current state, benefits and uses of SOAR solutions. Here are a few of the highlights from the research.
- Market set to SOAR (pun intended!) - according to Gartner, by year-end 2020, 15% of organizations with a security team larger than five people will leverage SOAR tools for orchestration and automation reasons
- Terminology demystified - the research does a great job to distinguish between orchestration, automation, incident management etc. In short, Gartner underscores what we have always believed at Siemplify - orchestration, defined as the ability to coordinate informed decision making, and formalize and automate responsive actions is the heart of SOAR. Automation is defined as a subset of orchestration, and includes automating mundane tasks that do not require human interpretation such as data collection or preset response procedures.
- Selection Criteria - the research provides a good initial list of selection criteria for SOAR solutions. including an intuitive way to add new playbooks and an easy method to create your own integrations that are not included in the out-of-the-box integrations.