[UPDATE] What is SOAR? What Are The Pros And Potential Pitfalls?

Jessica Groopman at TechTarget's SearchSecurity forum has a great short post about SOAR, what it stands for and what the potential benefits and pitfalls are. Here is an extract with a link to the full article at the bottom.

"As organizations around the world face a constant and dynamic barrage of cybersecurity threats, the development of tools to accelerate security operations, automation and response, or SOAR, has rapidly increased. SOAR tools are designed for the following functions:

  • Security Orchestration connects and coordinates heterogeneous tool sets and defines incident analysis parameters and processes.
  • Automation automatically triggers specific workflows, tasks and triages based on those parameters, including automated steps for lower-risk incidents.
  • Response accelerates general and targeted responses by enabling a single view for analysts to access, query and share threat intelligence.

There are two main business incentives for adopting SOAR tools in security programs.

  1. SOAR centralizes visibility and insights into threats.
  2. It simultaneously manages the more low-level incidents to support and scale human analysts.

SOAR Benefits

Though adoption success may vary depending on the organization, security leaders can anticipate the following benefits of SOAR implementation:

  • improved productivity;
  • less tedious and repetitive work for humans;
  • more strategic allocation for human analysts;
  • process and operational efficiencies in alerts and triage;
  • faster incident response and remediation;
  • centralized and coordinated multivendor security tools and analytics; and
  • increased resilience against growing threat landscape."

Read the full article here, where they also list the possible pitfalls. PhishER is a great example of a SOAR product. 


Live Demo: Identify and Respond to Email Threats Faster with PhishER

With only approximately 1 in 10 user-reported emails being verified as actually malicious, how do you not only handle the phishing attacks and threats but also, just as importantly, manage the other 90% of user-reported messages accurately and efficiently? PhishER.


To learn how, get a product demonstration of the new PhishER Security Orchestration, Automation and Response (SOAR) platform. In this live one-on-one demo we will show you how easy it is to identify and respond to email threats faster:

  • Automate prioritization of email messages by rules you set that categorize messages as Clean, Spam, or Threat
  • Augment your analysis and prioritization of messages with PhishML, a PhishER machine-learning module
  • Search, find, and remove email threats with PhishRIP, PhishER’s new email quarantine feature for Microsoft 365 and G Suite
  • NEW! Automatically flip active phishing attacks into safe simulated phishing campaigns with PhishFlip. You can even replace active phishing emails with safe look-alikes in your users' inboxes.
  • Easily integrate with KnowBe4's email add-in button, Phish Alert; forwarding to a mailbox works too!
