Gartner defines SOAR or (Security Orchestration, Automation and Response) as technologies that enable organizations to collect inputs monitored by the security operations team. According to Gartner, a SOAR platform uses “machine-readable and stateful security data to provide reporting, analysis and management capabilities to support operational security teams.”
SOAR tools allow an organization to define incident analysis and response procedures in a digital workflow format.
Palo Alto Networks’ (PAN) entry into the SOAR competitive landscape came by way of its acquisition of Demisto in March 2019 for US$560 million.
Relaunched on 24 February 2020 as the Cortex XSOAR (“X” for extended), the platform is marketed as empowering security teams by simplifying and harmonizing security operations across their entire enterprise.
“Collaboration across the cybersecurity community is critical to defending against advanced attacks. When organizations share best practices, tools, and procedures, everyone benefits,” said Jon Oltsik, senior principal analyst and fellow at the Enterprise Strategy Group (ESG).
He added that SOAR systems already integrate and automate key processes and technologies, and now the Cortex XSOAR Marketplace can further amplify the value of the SOAR platform community by making it more effective for all.
“Cortex XSOAR allows our customers to help solve complex security issues and take full advantage of their existing investments in security technology,” said Slavik Markovich, senior vice president of product management, Cortex XSOAR at Palo Alto Networks.
At launch, the marketplace claims to have over 450 existing integrations currently available to customers.
