We just bought a SOAR – what should I be plugging into it?

Like the title says. My boss is very excited by the new tool (Demisto), and I've been tasked with setting up all of our integrations, but I have no idea where to start. I'm pretty good with Python, so I'm not super concerned with the actual tech work, it's more about what products/use cases I should be preparing. She's also asked me to evaluate "best of breed" alternatives to our current tools based on what use cases we're setting the SOAR up for (e.g. we have Qualys today, but maybe Tanium works better w/ Demisto).

Any advice? What do you have plugged into your SOAR?

If for opsec reasons you don't want to give brands, categories are fine… I just need to know where to start.
