I think the main difference is that SOAR ingests numerous types of logs and event data infrastructure components, while SIEM can fetch data from endpoint security software and external threat intelligence feeds.
That makes sense to me. SOAR is about the collection and analysis, while SIEM is about the automation and response. We need both in a comprehensive security strategy.
Haha, yeah, that one was a bit of a head-scratcher. I can just picture a SOAR system being like, 'Nah, I'm not going to alert you to that suspicious activity. I'll just handle it myself!'
A) SOAR ingests numerous types of logs and event data infrastructure components and SIEM can fetch data from endpoint security software and external threat intelligence feeds
C) SIEM raises alerts in the event of detecting any suspicious activity, and SOAR automates investigation path workflows and reduces time spent on alerts