{"id":3024,"date":"2020-05-12T14:59:26","date_gmt":"2020-05-12T18:59:26","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=3024"},"modified":"2020-05-12T14:59:26","modified_gmt":"2020-05-12T18:59:26","slug":"will-soar-cybersecurity-replace-siem-in-the-near-future","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/","title":{"rendered":"Will SOAR Cybersecurity Replace SIEM in the Near Future?"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1387\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/09\/Questions-mod.jpg\" alt=\"Will SOAR Cybersecurity Replace SIEM in the Near Future?\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/09\/Questions-mod.jpg 800w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/09\/Questions-mod-300x150.jpg 300w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/09\/Questions-mod-768x384.jpg 768w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/09\/Questions-mod-540x270.jpg 540w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/09\/Questions-mod-162x81.jpg 162w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/09\/Questions-mod-360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Will <a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/soar-buyers-guide-security-orchestration-automation-and-response\/\" target=\"_blank\" rel=\"noopener noreferrer\">SOAR<\/a> (security orchestration, automation, and response) one day replace Security 
Information and Event Management (<a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/siem-buyers-guide-security-information-and-event-management\/\" target=\"_blank\" rel=\"noopener noreferrer\">SIEM<\/a>)? If so, why would SOAR replace SIEM? Have the lines between the two solutions blurred, and if so how?\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">After all, SIEM now features some automation and response capabilities. Either through innovation or acquisition, SIEM solutions often boast SOAR capabilities. However, this does not mean that SIEM can replace or replicate the effects of a sturdy SOAR solution. Rather, it may indicate that SOAR represents the future of SIEM.\u00a0<\/span><\/p>\n<h2 style=\"text-align: justify\"><b>How SOAR May Replace SIEM: A Historical Path<\/b><\/h2>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">First, before we can determine whether SOAR may one day replace SIEM, we must determine what these solutions offer. For the sake of this conversation, we plan to focus on next-generation SIEM.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Next-generation SIEM serves as a cybersecurity tool based on log aggregation and threat intelligence. It collects security event information from throughout the IT environment, normalizes it, and analyses it for potential warning signs. From there, SIEM creates an alert that can prompt IT security teams to investigate and initiate incident response.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Additionally, next-generation solutions work to solve the problems once posed by legacy solutions. Legacy solutions struggled with false positives and false negatives, creating alert fatigue. 
Also, older solutions can\u2019t aggregate log and event data from newer environments like the cloud or from software-as-a-service. Moreover, legacy SIEM often created maintenance problems, especially for businesses with limited cybersecurity resources.\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Next-generation SIEM also incorporates more threat intelligence, enabling capabilities like user and entity behavior analytics (UEBA) and threat hunting.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Meanwhile, SOAR works to address some of the challenges presented by SIEM through streamlining once-manual tasks. In fact, through automation and orchestration, SOAR can help eliminate the most consistent challenge to optimal cybersecurity: human error. Additionally, SOAR works to integrate security tools and then automate them according to incident response playbooks.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">For example, SOAR gathers alarm data from all of the integrated platforms; further, it puts them into a single location for additional investigation. Also, SOAR\u2019s case management allows IT security professionals to research, assess, and perform additional relevant investigations from within a single case.\u00a0\u00a0\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Looking at SOAR from this perspective, it seems the logical extension of SIEM. But does that mean it will replace SIEM?\u00a0<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>SOAR: Extension of SIEM or Replacement?\u00a0<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Some security experts read the rise of SOAR as a response to the problems of SIEM. 
Indeed, there is some validity to this reading, as SIEM can still pose a labor challenge to the uninitiated or unprepared.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">However, this neglects the fact that SOAR solutions often <\/span><i><span style=\"font-weight: 400\">draw from<\/span><\/i><span style=\"font-weight: 400\"> SIEM solutions. After all, SIEM aggregates critical logs and alert information. Without it, SOAR would lose a vital source of insight into enterprise networks. Further, SOAR works through integration, binding SIEM to other critical cybersecurity solutions like endpoint security and identity management.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">However, it remains unclear whether SOAR may one day incorporate SIEM capabilities into its own offerings. Certainly, it follows the pattern of modern cybersecurity solutions to evolve into new markets as demands change. The importance of automation certainly matters as the cybersecurity staffing crisis deepens. Is now the time for true innovation?\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">You can learn more in our <a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/siem-buyers-guide-security-information-and-event-management\/\" target=\"_blank\" rel=\"noopener noreferrer\">SIEM Buyer\u2019s Guide<\/a> and <a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/soar-buyers-guide-security-orchestration-automation-and-response\/\" target=\"_blank\" rel=\"noopener noreferrer\">SOAR Buyer\u2019s Guide<\/a>.\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Will SOAR (security orchestration, automation, and response) one day replace Security Information and Event Management (SIEM)? 
If so, why would SOAR replace SIEM? Have the lines between the two solutions blurred, and if so how?\u00a0 After all, SIEM now features some automation and response capabilities. Either through innovation or acquisition, SIEM solutions often boast SOAR [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":1387,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551,1],"tags":[353,95,212,21,57,22,1092,373],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Will SOAR Cybersecurity Replace SIEM in the Near Future?<\/title>\n<meta name=\"description\" content=\"Will SOAR (security orchestration, automation, and response) one day replace Security Information and Event Management (SIEM)?\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Will SOAR Cybersecurity Replace SIEM in the Near Future?\" \/>\n<meta property=\"og:description\" content=\"Will SOAR (security orchestration, automation, and response) one day replace Security Information and Event Management (SIEM)?\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\" \/>\n<meta property=\"article:published_time\" content=\"2020-05-12T18:59:26+00:00\" \/>\n<meta property=\"og:image\" 
content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/09\/Questions-mod.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Canner\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/\",\"name\":\"Will SOAR Cybersecurity Replace SIEM in the Near Future?\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/09\/Questions-mod.jpg\",\"datePublished\":\"2020-05-12T18:59:26+00:00\",\"dateModified\":\"2020-05-12T18:59:26+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"Will SOAR (security orchestration, automation, and response) once day replace 
Security Information and Event Management (SIEM)?\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/09\/Questions-mod.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/09\/Questions-mod.jpg\",\"width\":800,\"height\":400,\"caption\":\"Will SOAR Cybersecurity Replace SIEM in the Near Future?\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Will SOAR Cybersecurity Replace SIEM in the Near Future?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\",\"description\":\"Buyer&#039;s Guide and Best 
Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Will SOAR Cybersecurity Replace SIEM in the Near Future?","description":"Will SOAR (security orchestration, automation, and response) one day replace Security Information and Event Management (SIEM)?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/","og_locale":"en_US","og_type":"article","og_title":"Will SOAR Cybersecurity Replace SIEM in the Near Future?","og_description":"Will SOAR (security orchestration, automation, and response) one day replace Security Information and Event Management (SIEM)?","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/","og_site_name":"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors","article_published_time":"2020-05-12T18:59:26+00:00","og_image":[{"width":800,"height":400,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/09\/Questions-mod.jpg","type":"image\/jpeg"}],"author":"Ben Canner","twitter_misc":{"Written by":"Ben Canner","Est. 
reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/","name":"Will SOAR Cybersecurity Replace SIEM in the Near Future?","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/09\/Questions-mod.jpg","datePublished":"2020-05-12T18:59:26+00:00","dateModified":"2020-05-12T18:59:26+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"Will SOAR (security orchestration, automation, and response) once day replace Security Information and Event Management 
(SIEM)?","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/09\/Questions-mod.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/09\/Questions-mod.jpg","width":800,"height":400,"caption":"Will SOAR Cybersecurity Replace SIEM in the Near Future?"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/will-soar-cybersecurity-replace-siem-in-the-near-future\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"Will SOAR Cybersecurity Replace SIEM in the Near Future?"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors","description":"Buyer&#039;s Guide and Best 
Practices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. 
You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/3024"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=3024"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/3024\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/1387"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=3024"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=3024"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=3024"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}