Taking SOAR To The Next Level
The first generation of Security Operations, Analytics and Reporting (SOAR) products have held their own when it comes to detecting and aggregating voluminous amounts of security information, but are ripe for displacement as customers seek more interoperability, according to FireEye CEO Kevin Mandia.
Organizations – particularly those that are multinational in nature – want to have all of their products work better together to go from alert to fix in the fastest way possible, Mandia said. Therefore, the next generation of SOAR products will need to have exceptional down-selection to help find the needle in the haystack as well as the ability to automate as much as possible, he said.
All told, Mandia said the center of security operations of the future will provide more single-click functionality from a central portal, automate many of the things still being done by humans today, and facilitate more seamless communications between products from different vendors to help solve security issues more quickly.