Solutions Review’s listing of the Vendors to Know: SOAR is a mashup of products that best represent current market conditions, according to the crowd. Our editors selected the privileged access management products listed here based on each solution’s Authority Score, a meta-analysis of real user sentiment through the web’s most trusted business software review sites and our own proprietary five-point inclusion criteria.
Who are the eight Vendors to Know in SOAR (Security Orchestration, Automation, and Response) in 2020?
The editors at Solutions Review continually research the most prominent and influential SOAR vendors to assist buyers in search of the tools befitting the needs of their organization. Choosing the right vendor and solution can be a complicated process; it requires constant market research and often comes down to more than just the solution and its technical capabilities. To make your search a little easier, we listed the Vendors to Know in SOAR.
Note: Companies are listed in alphabetical order.
2020 Vendors to Know: SOAR
Cyberbit spun out of Elbit Systems in 2015 and offers its own SOAR solution called SOC 3D.SOC 3D focuses on orchestration, automation, and big data investigation, especially for enterprise security operations centers. Further, Cyberbit also offers solutions such as Cyberbit Range for training and simulation, SCADAShield and SCADAShield Mobile for visibility and detection of threats, and Cyberbit EDR.
IBM offers its IBM Resilient solution for SOAR. IBM Resilient provides workflow, case management, and orchestration and automation capabilities. It focuses on case management, orchestration, and automation capabilities, alongside machine learning. it also provides for easier alert tracking and alert visibility. It integrates well with other firewall solutions and EDR.
Palo Alto Networks
Palo Alto Networks acquired Demisto in early 2019. Since then, it incorporated the provider into the Cortex XSOAR solution. It continues to emphasize optimizing the efficiency of enterprise security operations by offering a single platform for SOC analysts. This platform allows for IT teams to manage incidents, automate, and standardize incident response processes, and collaborate on incident investigations.
Rapid7 offers SOAR capabilities via its InsightConnect solution. The InsightConnect solution helps enterprise security analysts optimize their security operations. In terms of automation capabilities, Rapid7’s vulnerability management (InsightVM) and cloud SIEM solutions with embedded UEBA solutions (InsightIDR) allow customers to automate key security processes. Rapid7 acquired DivvyCloud in 2020.
Siemplify offers an easy-to-use user interface for enterprise SOC activities in its SOAR solution. It also provides context-driven investigation capabilities that visually correlate incidents. Siemplify can group alerts to reduce analyst response time. In fact, Siemplify can provide case management and incident alert flows to SOC analysts. Siemplify recently unveiled a cloud-native SOAR platform.
Splunk offers its own SOAR solution, Splunk Phantom. Splunk Phantom provides orchestration and automation capabilities along with case management functionality available for deployment via on-premises software. Additionally, it includes centralized visualization through the Phantom Mission Control. The Splunk licensing model uses an events-per-day (EPD) model; Splunk was named a Leader in the Gartner 2020 Magic Quadrant for SIEM.
Swimlane’s SOAR platform focuses on the orchestration and automation of existing enterprise security controls and rote tasks. It can interact with hundreds of APIs from enterprises’ existing technology stack; in fact, Swimlane even allows enterprises to reuse existing scripts. Additionally, Swimlane enables analytics and automation to be incorporated into security operations. Swimlane acquired Syncurity in 2020 for its security incident response and case management.
ThreatConnect’s SOAR solution offers a unique product architecture bringing both threat intelligence platforms and security orchestration and automation to bear. In addition, ThreatConnect provides a large ecosystem of integrations. It won an award from CyberSecurity Breakthrough for its SOAR solution and was named to the Inc. 5000 for the second year in a row.
To learn more about the 2020 Vendors to Know: SOAR, check out Solutions Review’s other resources, including our Buyer’s Guide. We cover the top providers and their key capabilities in detail.
Latest posts by Ben Canner (see all)
- Risked Based Security Reveals 2020 Year End Data Breach Report - January 21, 2021
- Running in Sand: How to Avoid Getting Stuck at the Onboarding Stage - January 19, 2021
- Dwell Time: The Cyber-Threat Peril You Haven’t Considered? - January 14, 2021