The State of SOAR Report, 2019


Learn How SOAR Can Elevate Your Incident Response

Every security team has its own set of security tools, competencies, common use cases and compliance requirements. One of the few common threads that weaves through all these elements is the process for responding to a security incident. 

This sponsored study of security professionals around the world delves into their challenges across the incident response (IR) lifecycle, the tools they use and the capabilities they feel are missing from their tool stacks.

As IR becomes more critical during remote operations, it’s important to understand what security teams need to effectively manage their SOC. With knowledge of the current trends, organizations can equip their security team with the capabilities they need to ensure a secure remote SOC.

The report reveals some interesting trends:

  • Playbooks are on the rise. More than 50% of respondents use either automated or mixed automated and manual playbooks to implement IR processes.
  • Product silos persist. Roughly 50% of respondents use six or more distinct security tools for IR.
  • It’s a team effort. Security teams must often work with IT teams (85%), NOC teams (53%) and DevOps teams (39%) for IR.
  • There’s more than just IR. Apart from day-to-day operations, security teams oversee vulnerability management (72%), compliance checks (61%) and cloud security (41%).

Check out the full report to learn more.

Understand the state of SOAR