In a security environment burdened by too many tools, a shortage of skilled staff and an increasing number of cyberattacks, automation benefits that help bring efficiency and prioritization to the security operations center (SOC) are primarily delivered through security orchestration, automation and response (SOAR) solutions. Given this, it’s no surprise that the SOAR market continues to gain steady traction, as outlined by Gartner in its recently released 2020 Market Guide for SOAR Solutions.
Gartner defines SOAR solutions as having four major engines. These are workflow and collaboration, ticket and case management, orchestration and automation and threat intelligence management. By merging these engines, the solution can make a SOC more productive and cut down on incident response times by bringing together people, process and systems.
Although the prevalence of SOAR solutions continues to grow and mature, the primary buyer remains large security teams with well-established processes, a prerequisite for optimizing SOAR solutions. Because they may not have well-defined processes that help identify areas ripe for automation and orchestration, reaping the benefits of a SOAR solution can be challenging for smaller and less mature organizations.
SOAR Solutions Embedded in Other Tools
One of the most notable trends in the SOAR market during the past year is the increasing prevalence of SOAR capabilities embedded in other security technologies, such as security information and event management (SIEM) and extended detection and response (EDR).
As Gartner points out, “the SOAR market continues to build towards becoming the control plane for the gartner market guide solutions
