SecOps SOAR relies on the Unified Data Model (UDM) foundation of SecOps' SIEM functionality to provide security orchestration and automation.
While SIEM correlates and contextualizes information for manual action by a SecOps team, SOAR expedites response processes through security automation and orchestration. The core of SecOps SOAR is automation playbooks.
Playbooks define the automated actions to take when specific conditions (events, or combinations of events) are triggered. SecOps SAOR provides several common playbooks, while providing the ability to import, or create custom playbooks for your SecOps workflows.
In the SecOps SOAR Journey you will navigate through five main tasks of implementation:
Next Steps: Security Operations SOAR: Step 1 - Configure Integrations