Security Orchestration, Automation and Response (SOAR)

Integration with Security Orchestration, Automation and Response (SOAR)

As with SIEM, customers with hybrid infrastructure frequently use a SOAR solution to coordinate and automate the incident response process.

The main SOAR solutions integrate with AWS Security Hub, and with AWS in general, to take actions.

Splunk Phantom - Integration with AWS Security Hub

SOAR Splunk Phantom

Palo Alto Networks: Cortex XSOAR - Integration with AWS Security Hub

SOAR Palo Alto