Network Security SOAR Image by Gerd Altmann from Pixabay SOAR (security, orchestration, automation and response) is becoming more popular in security circles. But what is it? What does it do? Is it really a replacement for SIEM (security information and event management)? Ask different vendors, and you get a different story. To find out more, Enterprise Times asked Neelima Rustagi, Senior Director of Product Management, Palo Alto Networks, and Deidre Smith, Senior Vice President, Global Security Services at NTT Limited.

IT security teams are currently drowning under the level of alerts they are getting and having to resolve. The problem with their current technology, SIEM, is that it is often just one of several tools that IT security teams use. It is creating problems in how they assess the information from multiple tools.

Neelima Rustagi, Senior Director of Product Management, Palo Alto Networks (Image Credit: Neelima Rustagi)
Neelima Rustagi, Senior Director of Product Management, Palo Alto Networks

According to Rustagi: “clients are really asking for a single service view. They’re asking for single alerting streams. They’re asking for collaboration. Putting together this threat intelligence as well so that we can aggregate those disparate views for ourselves into a single pane of glass.”

But even when you can bring all that data into a single view, how do you action it? One of the threads that runs through this podcast is the use of playbooks. Both Rustagi and Smith agree that they are critical to how you respond to an incident.

Deidré Smith, Senior Vice President, Global Security Services at NTT Limited (Image Credit: Deidré Smith)
Deidré Smith, Senior Vice President, Global Security Services at NTT Limited

Smith says: “Playbooks certainly make a massive difference in our ability to respond because it gives us the ability to be efficient. It gives us the ability to be consistent when we’re running multiple teams on multiple continents.

“It gives us the ability to speak to the client in the same language, because at the end of the day, an incident is an incident is an incident.”

To hear what Rustagi and Smith had to say, listen to the podcast.

Where can I get it?

You can listen to the podcast by clicking on the player below. Alternatively, click on any of the podcast services below and go to the Enterprise Times podcast page.

Enterprise Times on Spotify (Image Credit: Spotify)

Enterprise Times on Soundcloud (Image Credit: Soundcloud)

Enterprise Times on Google Podcasts (Image Credit: Google)

Enterprise Times on Stitcher (Image Credit: Stitcher)

Enterprise Times on Podchaser (Image Credit: Podchaser)

LEAVE A REPLY

Please enter your comment!
Please enter your name here