Security Orchestration Automation and Response (SOAR)
Content of Figures
- Figure 1 The Overall Leadership rating for the SOAR market segment
- Figure 2 Product Leaders in the SOAR market segment
- Figure 3 Innovation Leaders in the SOAR market segment
- Figure 4 Market Leaders in the SOAR market segment
- Figure 5 The Market/Product Matrix.
- Figure 6 The Product/Innovation Matrix.
- Figure 7 The Innovation/Market Matrix.
1 Introduction
As the number and sophistication of cyberattacks have continued to increase over the years, some vendors realized that the traditional approaches and ...
Login Get full Access1.1 Market Segment
The SOAR market, while still far from reaching full maturity, already has a reasonably well-established terminology and core set of capabilities. The ...
Login Get full Access1.2 Delivery models
SOAR solutions often require complex deployment models. In most cases, on-premise components must be implemented, including software agents for upstre ...
Login Get full Access1.3 Required capabilities
Broadly speaking, there are three major concentrations of technical capabilities within SOAR solutions.
Security data collection, correlation and en ...
Login Get full Access2 Leadership
Selecting a vendor of a product or service must not only be based on the information provided in a KuppingerCole Leadership Compass. The Leadership Co ...
Palo Alto Networks, IBM, D3 Security, Exabeam, and ServiceNow are the overall leaders in this edition of the Leadership Compass on SOAR. Each of their ...
Product Leadership is where we examine the functional strength and completeness of services.
Palo Alto is at the top of the Product Leadership cha ...
Login Get full AccessNext, we examine innovation in the marketplace. Innovation is, from our perspective, a key capability in all IT market segments. Customers require i ...
The Innovation Leaders are Palo Alto, D3 Security, Siemplify, IBM, DF Labs, Exabeam, and ServiceNow. All are SOAR specialists (or were if you consider ...
Login Get full AccessLastly, we analyze Market Leadership. This is an amalgamation of the number of customers, number of transactions evaluated, ratio between customers ...
IBM and ServiceNow are the Market Leaders. Both have not only good SOAR products that many customers are using, but they also have financial strength, ...
Login Get full Access3 Correlated View
While the Leadership charts identify leading vendors in certain categories, many customers are looking not only for a product leader, but for a vendor ...
Login Get full Access3.1 The Market/Product Matrix
The first of these correlated views contrasts Product Leadership and Market Leadership
Vendors below the line have a weaker market position than expected according to their product maturity. Vendors above the line are sort of “overperf ...
Login Get full Access3.2 The Product/Innovation Matrix
This view shows how Product Leadership and Innovation Leadership are correlated. It is not surprising that there is a pretty good correlation between ...
Vendors below the line are more innovative; vendors above the line are, compared to the current Product Leadership positioning, less innovative.
The ...
Login Get full Access3.3 The Innovation/Market Matrix
The third matrix shows how Innovation Leadership and Market Leadership are related. Some vendors might perform well in the market without being Innova ...
This chart shows how innovation is received in the marketplace.
IBM and ServiceNow are the Big Ones in SOAR. They have the intersection of sizable m ...
Login Get full Access4 Products and Vendors at a glance
This section provides an overview of the various products we have analyzed within this KuppingerCole Leadership Compass on SOAR. This overview goes in ...
Login Get full Access4.1 Ratings at a glance
Based on our evaluation, a comparative overview of the ratings of all the products covered in this document is shown in Table 1.
Login Get full AccessIn addition, we provide in Table 2 an overview which also contains four additional ratings for the vendor, going beyond the product view provided in t ...
Login Get full AccessIn Innovativeness, this rating would be applied if vendors provide none or very few of the more advanced features we look for, such as support for MFA ...
Login Get full Access5 Product/service evaluation
This section contains a quick rating for every product/service we’ve included in this KuppingerCole Leadership Compass document. For many of the pro ...
Login Get full Access5.1 D3 Security
D3 Security was founded in 2003 in Vancouver. The company is privately held. D3’s focus is on “intent-based SOAR”, which uses attacker technique ...
Login Get full Access5.2 DFLabs
DFLabs was founded in Milan in 2004. They are a privately funded SOAR specialist now. They do not operate their software as a service, but they licens ...
Login Get full Access5.3 Exabeam
Exabeam was founded in 2013 in Silicon Valley. They are a late-stage, well-funded but still private security analytics company. Exabeam offers a fully ...
Login Get full Access5.4 IBM
IBM covers the SOAR technology area with the conjunction of three products listed above. IBM has a full security and identity management solutions, of ...
Login Get full Access5.5 ManageEngine
ManageEngine is a division of privately held ZOHO and was founded in 1996. ManageEngine also has products for IT Help Desk management, patch and vulne ...
Login Get full Access5.6 Micro Focus
Micro Focus is an IT software vendor with products covering many aspects of security, including a leading SIEM product that it acquired in 2010, ArcSi ...
Login Get full Access5.7 Palo Alto Networks
Palo Alto Networks, founded in 2005 in Santa Clara, CA, was the pioneer in Next Generation Firewall (NGFW) technology, and is also a major player in t ...
Login Get full Access5.8 ServiceNow
ServiceNow, founded in 2004 in San Diego, is a large IT management, operations, and business management software vendor. They also have products in th ...
Login Get full Access5.9 Siemplify
Siemplify is a mid-stage startup concentrating on SOAR. They were founded in 2015 and are headquartered in New York. Deployments have on-premise compo ...
Login Get full Access5.10 SIRP
SIRP is an early stage startup founded in 2017 and based in London. Their sole product is SOAR which is focused on risk-based security operations. The ...
Login Get full Access5.11 ThreatConnect
ThreatConnect is a mid-stage equity-backed security firm headquartered in Arlington, VA. They were founded in 2011. Their solution encompasses threat ...
Login Get full Access6 Vendors and Market Segments to watch
Aside from the vendors covered in detail in this Leadership Compass document, we also observe other vendors in the market that we find interesting. So ...
Login Get full Access6.1 LogRhythm
LogRhythm was founded in Denver in 2003 and was acquired by Thoma Bravo in 2018. As the name implies, they started with log management and SIEM. Today ...
Login Get full Access6.2 Rapid7
Boston-based Rapid7 was established in 2000. They have a suite of interrelated security products covering UBA, SIEM, patch and vulnerability managemen ...
Login Get full Access6.3 Securonix
Securonix was formed in 2008 and is headquartered in Dallas. Their security analytics platform includes Data Lake, NDR (NTA), SIEM, and UBA. Securonix ...
Login Get full Access6.4 Swimlane
Swimlane is a mid-stage security specialist that launched in 2014 in Denver. Swimlane is a SOAR specialist.
Swimlane has almost 150 integrations co ...
Login Get full Access6.5 ThreatQuotient ThreatQ and Threat Investigations
ThreatQuotient is a venture-backed threat intelligence and SOAR specialist headquartered in Reston, VA, outside Washington, DC. The company was founde ...
Login Get full Access7 Related Research
Leadership Compass: Network Detection and Response – 80126
Market Compass: Endpoint Protection Detection and Response – 80508
Market Compass: Cloud Access Security Brokers – 80079
Market Compass: Cloud Backup and Disaster Recovery – 71176
Leadership Brief: Incident Response Management - 80344
Leadership Brief: Responding to Cyber Incidents - 80209