Security Orchestration, Automation and Response (SOAR)
A SOAR solution centralizes cybersecurity information in order to propose automatic responses. These actions can be active, such as directly neutralizing malware, or they can be indirect and complex, such as outstanding investigations. Automatic behaviors are configured in advance through a workflow engine. Each written scenario is a playbook that defines what to do when something happens. Usually, a SOAR is a very expensive tool that takes months to deploy, because all the external components have to be configured and integrated into the SOAR, with potential API issues and risks regarding the related management.
TEHTRIS XDR Platform is delivered with an integrated SOAR. The difference between this and a global SOAR is that it is incredibly cheaper and it works from day one. Why? Because our integrated SOAR focuses on TEHTRIS ecosystems, meaning that native internal APIs are used between all our products, such as EDR, EPP and SIEM. In our view, this is the fastest way to get automation between your security products, for example between your antivirus and your EDR.
Our integrated SOAR inside TEHTRIS XDR Platform performs automatic actions 24/7, without human intervention, and without the risk of overlooking something in the large volume of logs. This automatically enriches your organization’s security tickets and eliminates some security intruders.