Analyst house Gartner, Inc. recently released its new Market Guide for Security Orchestration, Automation and Response (SOAR) Solutions. The researchers’ Market Guide series covers new and emerging technology markets as both the solutions and the enterprise needs develop. Therefore, Gartner’s Market Guide can provide a great resource for correlating how a fledgling technology space may meet with current or future needs.
According to Gartner, “With the focus on early, more chaotic markets, a Market Guide does not rate or position vendors within the market, but rather more commonly outlines attributes of representative vendors that are providing offerings in the market to give further insight into the market itself.”
Thus, Gartner’s Market Guide for SOAR doesn’t focus on providers. Instead, it aims to provide an overarching perspective of SOAR; Gartner does mention vendors to watch as the market develops. A good portion of the vendors included in the report also operate as major players in SIEM.
At Solutions Review, we read the report and pulled out the key takeaways.
Key Findings from Gartner’s 2019 Market Guide for SOAR
Gartner mentions the following providers in their SOAR Market Guide: ATAR Labs, Ayehu, Cyberbit, CyberSponse, D3 Security, Demisto, DFLabs, EclecticIQ, IBM, Splunk, Rapid7, Resolve, ServiceNow, Siemplify, Swimlane, Syncurity, ThreatConnect, and ThreatQuotient.
In their new Market Guide, Gartner defines SOAR as “technologies that enable organizations to take inputs from a variety of sources (mostly from security information and event management [SIEM] systems) and apply workflows aligned to processes and procedures.”
Also, Gartner notes important capabilities including threat intelligence management, reporting, and incident management. Interestingly, Gartner regards SOAR solutions as a combination of other solutions such as security orchestration and automation and security incident response. This resembles the combination of SIM and SEM which led to the invention of the first SIEM solutions.
Also, the SOAR Market Guide acknowledges the early SOAR adopters offers managed security services with security operations centers. Gartner predicts that by 2022, almost a third of enterprises will utilize SOAR. This far more than the 5% currently using it. If this proves accurate, then SOAR should have a major impact on security operations in the very near future.
Other Critical Findings
Gartner points out Security Orchestration, Automation and Response still performs optimally while in their home platforms like SIRPs and SOA.
At the same time, Gartner offers plenty of advice for choosing a Security Orchestration, Automation and Response tool. These include easy coding and automation and intuitive user interfaces. Additionally, they also suggest solutions which complement security operations center tools.
You can read the full Gartner 2019 Market Guide for SOAR here.