Podcast Episode Details

Security Orchestration, Automation, and Response for Security Analysts: Learn the secrets of SOAR to improve MTTA and MTTR

The book focuses on SOAR solutions and their role in modern cybersecurity. It emphasizes the need for automated responses to security incidents, driven by the overwhelming volume of alerts and the shortage of skilled cybersecurity personnel, particularly in Security Operations Centers (SOCs). It details the key components of SOAR, including incident management, investigation, automation, reporting, threat intelligence (TI), and threat and vulnerability management (TVM), and explains how these elements work together to improve efficiency. Specific SOAR tools such as Microsoft Sentinel SOAR, Splunk SOAR (Phantom), and Google Chronicle SOAR (Siemplify) are examined, with particular emphasis on practical examples and configurations using Microsoft Sentinel automation rules and playbooks (Logic Apps). The text also covers important considerations such as permissions, triggers, actions, and the use of dynamic content and expressions for effective automation, while stressing that automation is a tool to assist, not replace, SOC analysts.

You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cyber_security_summary

Get the Book now from Amazon:
https://www.amazon.com/Security-Orchestration-Automation-Response-Analysts/dp/1803242914?&linkCode=ll1&tag=cvthunderx-20&linkId=c65a462bc2325d65fce69cdf2b87a0bb&language=en_US&ref_=as_li_ss_tl


Published 2 weeks ago