2020 Security Orchestration, Automation and Response (SOAR) Report [ Swimlane ]

Download the 2020 SOAR Report by completing the form on the right.

Security orchestration, automation and response (SOAR) solutions are becoming
increasingly popular platforms to help organizations better manage the growing volume of
security alerts by automating time-consuming incident response processes.

The 2020 SOAR Report is based on a comprehensive survey of cybersecurity professionals
to uncover the drivers, use cases and benefits of SOAR solutions.

Key findings include:

  • Organizations see clear productivity and efficiency improvements from using SOAR.
    The reported benefits are both quantitative, such as reduced mean time to resolution
    (79%) or maximizing efficiency of security staff (76%), as well as qualitative, such
    as optimizing the value and utility of already existing tools (68%). In combination,
    these benefits can lead to bigger improvements including lower turnover of staff and
    higher morale.
  • One of the key drivers for the use of SOAR include an increase in the volume of
    threats (65%), requiring organizations to reduce the time to respond, contain and
    remediate those threats (62%) by automating processes and better utilizing the
    available staff capacity.
  • Organizations use SOAR for a variety of reasons and use cases, depending on
    priorities and existing security tools they integrate with SOAR. Popular use cases
    include SIEM triage (65%), responding to phishing attacks (62%), and threat
    intelligence (62%), to name the top three mentioned SOAR use cases.
  • The types of tools organizations integrate with their SOAR platforms depend greatly
    on the use cases they prioritize. While virtually any tool can be integrated with SOAR,
    organizations in our survey prioritize threat intelligence (71%), endpoint security
    (70%) and SIEM and log management tools (68%).

We would like to thank Swimlane for supporting this important industry research project.
We hope you find this report informative and helpful as you continue your efforts to
better manage the growing volume of security alerts by automating time-consuming
incident response processes.

More Popular Resources