《Splunk：SOAR买方指南（英文版）（19页）.pdf》由会员分享，可在线阅读，更多相关《Splunk：SOAR买方指南（英文版）（19页）.pdf（19页珍藏版）》请在三个皮匠报告上搜索。

1、The SOAR Buyers GuideThe who,what,where,when and why of buying a security orchestration,automation and response solutionTable of ContentsWhat Is SOAR?.3What is security orchestration?.3What is security automation?.4What is security response?.4Top SOAR use cases.5SOAR Essentials.6Evaluation criteria.

2、6 Core capabilities.6 Platformattributes.13 Business considerations.16Enter Splunk.17More ways to integrate.17The SOAR Buyers Guide|Splunk1The SOAR Buyers Guide|Splunk2Theres never been a better time to invest in a security orchestration,automation and response(SOAR)solution.Gone are the days where

3、security teams had to manually respond to incidents;now,security teams can work smarter not harder by automating repetitive tasks,increasing analyst productivity and accuracy,and better protecting the business.Alltoooften,securityteamsfindthemselvesplaguedbyanalystgruntwork.Security operations work

4、is rife with monotonous,routine and repetitive tasks,especially at the Tier-1 analyst level.Theres also a shortage of over one million cybersecurity professionals with the necessary knowledge and expertisetostaffsecurityoperationscenters(SOCs)aroundtheworld.Other common challenges include(but are ce

5、rtainly not limited to):Too many alerts:Analysts are overwhelmed by hundreds(if not thousands)of security alerts.The sheer volume can quickly overwhelm a security team increasing security incident backlogs and leading to the much-dreaded“alert fatigue.”Too many siloed point-products:Teams are expect

6、ed to juggle disconnected security tools,consisting of static,independent controls and zero interoperability.When tools dont work together,security gaps are inevitable,and attackers can(and will)exploit them.The skills gap:StaffingaSOCisnoeasytask.Qualifiedanalystsareinshortsupply,and turnover is ex