Grid® for Security Orchestration, Automation, and Response (SOAR) Software
Security Orchestration, Automation, and Response (SOAR) Software Definition
Security orchestration, automation, and response (SOAR) software products are tools used to help integrate security technologies and automate incident-related tasks. These tools integrate with a company’s existing security solutions to help users build and automate workflows, simplifying the incident response process and reducing the amount of human intervention necessary to handle security incidents. Companies use these tools to create a centralized system complete with visibility into a company’s security software and operational processes. These tools also reduce the time it takes to respond to incidents, as well as the potential for human error in remediating security threats and vulnerabilities.
SOAR platforms combine aspects of vulnerability management, incident response, and security information and event management (SIEM) solutions. SOAR products are designed to provide some of each tool’s respective functionality or integrate with third-party tools. Once integrated, processes can be designed to identify incidents and automate remediation tasks.
To qualify for inclusion in the Security Orchestration, Automation, and Response (SOAR) category, a product must:
- Integrate security information and incident response tools
- Allow security professionals to build response workflows
- Automate incident management and response tasks within workflows
- Provide formalized incident, workflow, and performance reports
Security Orchestration, Automation, and Response (SOAR) Grid® Scoring Description
Products shown on the Grid® for Security Orchestration, Automation, and Response (SOAR) have received a minimum of 10 reviews/ratings in
data gathered by March 07, 2023. Products are ranked by customer satisfaction (based on user reviews) and market
presence (based on market share, seller size, and social impact) and placed into four categories on the
Grid®:
- Products in the Leader quadrant are rated highly by G2 users and have substantial Market Presence scores. Leaders include: PhishER, Tines, Microsoft Sentinel, Palo Alto Networks Cortex XSOAR, and LogPoint
- High Performing products have high customer Satisfaction scores and low Market Presence compared to the rest of the category. High Performers include: CrowdSec, Blumira Automated Detection & Response, Shuffle, SIRP, and LogicHub
- Contender products have relatively low customer Satisfaction scores and high Market Presence compared to the rest of the category. While they may have positive reviews, they do not have enough reviews to validate those ratings. Contenders include: Sumo Logic
- Niche products have relatively low Satisfaction scores and low Market Presence compared to the rest of the category. While they may have positive reviews, they do not have enough reviews to validate those ratings. Niche products include: Swimlane, D3 Security, Demisto, IBM Security QRadar SOAR, and Chronicle SOAR (formerly Siemplify)
© 2023 G2, Inc. All rights reserved. No part of this publication may be reproduced or distributed
in any form without G2’s prior written permission. While the information in this report has been
obtained from sources believed to be reliable, G2 disclaims all warranties as to the accuracy,
completeness, or adequacy of such information and shall have no liability for errors, omissions, or inadequacies in such information.
