SOAR platforms for automating security workflows, orchestrating incident response, and improving SOC efficiency.
Browse 159 security orchestration automation and response tools
An automated security response system for Google Cloud that processes Security Command Center findings and executes predefined remediation actions like disk snapshots, IAM revocation, and notifications.
A Windows-based workflow automation and case management application that integrates with CrowdStrike Falcon APIs to streamline security operations and incident response processes.
A repository of sample security playbooks with ARM templates for Microsoft Sentinel that enable automated security orchestration and response capabilities.
A community repository of workflow templates for the Ayehu NG platform that enables automated IT and business process execution.
A contribution guide that provides guidelines and instructions for developers to contribute custom activities to the Ayehu IT automation platform through GitHub pull requests.
A community-driven repository and development framework for creating custom automation activities within the Ayehu NG IT orchestration platform.
Shuffle Automation provides an open-source platform for security orchestration, automation, and response.
IRIS-SOAR is a Python-based modular SOAR platform that automates security incident response workflows and integrates with DFIR-IRIS for enhanced digital forensics operations.
Open-source security automation platform for automating security alerts and building AI-assisted workflows.
SOARCA is an open-source SOAR platform that automates security incident response workflows using standardized CACAOv2 playbooks and multiple integration interfaces.
JIMI is a flow-based orchestration automation platform that combines low-code and no-code capabilities for multi-team collaboration across IT, security, and development operations.
Catalyst is an open-source SOAR system that automates alert handling and incident response processes and adapts to your workflows.
Zenduty's platform provides real-time operational health monitoring and incident response orchestration to improve incident response times and build a solid on-call culture.
An open-source, drag-and-drop security workflow builder with integrated case management for automating security workflows and tackling alert fatigue.
Fast Intercept is a security automation platform that empowers users to maximize their existing security products and automate routine tasks.
Common questions about Security Orchestration Automation and Response tools, selection guides, pricing, and comparisons.
High-value SOAR automations include: phishing triage (analyze suspicious emails, check URLs, extract IOCs, enrich with threat intel, quarantine if malicious), automated enrichment (look up IPs, domains, and file hashes across threat intel sources for every alert), endpoint isolation (automatically isolate compromised machines), and alert deduplication (group related alerts into single incidents).