Security orchestration is a method of integrating and streamlining workflows across disparate tools to improve both security analyst efficiency and threat detection and response.
Modern Security Operations Centers (SOCs) typically use dozens of security tools to detect, investigate and remediate threats. More often than not, these tools do not "talk" to one another, so security teams must learn a variety of systems and navigate multiple dashboards to do their jobs effectively. Security orchestration addresses these challenges by integrating the tools into a more efficient threat detection and response workflow, which typically requires input from each of them. Security orchestration is one part of a complete Security Orchestration, Automation and Response (SOAR) solution.