Hear Us SOAR

h@shtalk
2 min read · Jun 22, 2023

SOAR stands for Security Orchestration, Automation and Response.

SOAR is not much of a buzzword in the security world, and a lot of companies don’t even have SOAR Engineers on their security teams. But is it worth making a buzz about?

Credits: https://unsplash.com/de/@nimavanghavim

Let’s start with the basics. If you’re not sure what a SOAR Engineer does in a Security Team, let me try and explain this to you from what I like to call “The 5 Year Old Perspective”.

As a SOAR engineer, your main duty is to build special tools that help the people who protect computer systems from bad things happening. You create these tools to make it easier for the people to respond quickly and effectively when something goes wrong with the computer systems.

Imagine you have a magical box that can talk to different tools and systems that monitor the computers. Your job is to teach the magical box how to understand and talk to all these different tools. This way, when something bad happens, the magical box can gather all the important information from these tools and tell the people what’s going on.

But that’s not all! You also help the magical box do things automatically. For example, if the magical box sees something bad happening, it can automatically do certain actions to stop or fix it. You teach the magical box these actions, almost like giving it superpowers, so it can…
