Security Orchestration, Automation and Response (SOAR)
A SOAR solution centralizes cybersecurity information in order to propose automatic responses. These actions can be active, like the direct neutralization of malware, or indirect and more complex, like outstanding investigations. Automatic behaviors are configured in advance through a workflow engine. Each written scenario is a playbook that knows what to do when something happens, and so on. Usually, a SOAR is a very expensive tool that takes months to deploy, because you have to configure and integrate all the external components into the SOAR, with potential API issues and a risk regarding the related management.
TEHTRIS XDR Platform is delivered with an integrated SOAR. The difference from a global SOAR is that it is insanely cheaper and that it works from day one. Why? Because this SOAR currently focuses on TEHTRIS ecosystems, meaning that native internal APIs are used between our products, like the EDR, EPP, SIEM, etc. According to us, this is the fastest way to get automation between your security products, like your antivirus and your EDR, for example.
Our integrated SOAR inside TEHTRIS XDR Platform helps perform automatic actions on a 24/7 basis, without humans, and without the risk of forgetting something in an excessive number of logs. This helps your organization automatically enrich security tickets or automatically get rid of some security intruders.