Weighing Pros and Cons of DIY Versus Outsourced Incident Response
Nowadays, the growing security orchestration, automation and response (SOAR) market, although relatively new (the term was coined several years ago), has many vendors offering solutions that IT departments can choose to customize in-house, or buy as services from managed security service providers (MSSPs).
Gartner defines SOAR as “technologies that enable organizations to collect security threats data and alerts from different sources, where incident analysis and triage can be performed leveraging a combination of human and machine power to help define, prioritize and drive standardized incident response activities according to a standard workflow.”
Using SOAR, organizations are able to implement machine-driven incident analysis and response procedure workflows to automate repetitive security tasks until (and if) human intervention is required.
Read the entire article here.