Security Orchestration, Automation & Response
Like SIEM, SOAR is designed to help cyber security teams manage and respond to endless alarms at machine speeds. Integrated Cyber takes things a step further by combining comprehensive data gathering, case management, standardization, workflow and analytics to give organizations the ability to implement sophisticated defense-in-depth capabilities. Your SOAR features include:
IC360 Incident Management and Response is based on SOAR: Security Orchestration, Automation and Response. We do not simply detect threats and vulnerabilities and inform our clients about them; we actively, and sometimes automatically, respond, either remediating directly or assisting our clients’ IT organizations with the remediation.
IC360 SOAR includes a wide and growing number of incident response playbooks to handle scenarios in a consistent and continuously measured way. This enables us to respond to incidents quickly and with a high degree of success.
Our SOAR capabilities are supported by a multitude of integration, workflow automation, collaboration, and robotic process automation tools that not only orchestrate the automated responses but also engage humans in the process, both for the SOC and for the IRT (expert interventions). The ability to automatically dispatch deep expertise to our global network of networks when highly challenging threats are identified is an essential part of the operating model.
Integration into client processes is also supported, via a separate integration project. It allows IC360 to seamlessly transfer tickets with an IT Service Management tool or to use the same process automation to engage local client resources in key situations.