Awesome-SOAR List / Global-Standards |
NIST Cybersecurity Framework | | | |
NIST Computer Security Incident Handling Guide | | | |
Collaborative Open Playbook Standard (COPS) | 150 | over 1 year ago | by Demisto |
RE&CT Framework | 613 | over 2 years ago | a MITRE ATT&CK inspired framework specifically for actionable Incident Response techniques |
Integrated Adaptive Cyber Defense (IACD) Automate Framework | | | |
OASIS Collaborative Automated Course of Action Operations (CACAO) for Cyber Security | | | a standards effort to define a common language for course of action playbooks |
Awesome-SOAR List / Incident-Categories |
ServiceNow Incident Categories and Subcategories | | | |
Incident Classification/Incident Taxonomy according to eCSIRT.net | | | |
Awesome-SOAR List / Process-Resources |
Information Security Incident Management Process Document Template | | | |
Incident Response Flowchart | | | |
Critical Infrastructure Cyber Incident Management Process | | | |
SANS Incident Handler's Handbook | | | |
Awesome-SOAR List / Playbooks-Resources |
Playbooks in Visio and PDF | | | |
Top 5 Playbooks by Ayehu | | | |
Playbooks by Societe Generale | 978 | 10 months ago | |
Playbooks by guardsight | 360 | 7 months ago | |
Playbooks (cloud) by AWS | 926 | 6 months ago | |
Awesome-SOAR List / Automation-Resources |
Playbooks Automation components by Phantom | 472 | 10 days ago | |
Playbooks Automation components part 2 by Phantom | 82 | about 3 years ago | |
Playbooks Automation components by DTonomy | | | |
Playbooks Automation components by ThreatConnect | 69 | 4 months ago | |
Playbooks Automation components part 2 by ThreatConnect | 69 | 4 months ago | |
Playbooks Automation components by Rapid7 | | | |
Playbooks Automation components by Microsoft Azure Sentinel | 4,607 | 8 days ago | |
Playbooks Automation components by Ayehu | 7 | almost 2 years ago | |
Playbooks Automation components part 2 by Ayehu | 4 | about 3 years ago | |
Playbooks Automation components part 3 by Ayehu | 5 | almost 5 years ago | |
Playbooks Automation components by ThreatConnect | 69 | 4 months ago | |
Playbooks Automation components by Shuffle | 20 | about 2 years ago | |
Playbooks Automation components part 2 by Shuffle | 100 | 8 days ago | |
Playbooks Automation components by IBM Resilient Community | 91 | 8 days ago | |
Playbooks Automation components by Rapid7 | 67 | 9 days ago | |
Playbooks Automation components by TheHive Cortex | 434 | 16 days ago | |
Playbooks Automation components part 2 by TheHive Cortex | 434 | 16 days ago | |
Playbooks Automation components by WALKOFF | 1,204 | almost 2 years ago | |
Playbooks Automation components by LogRhythm | | | |
Awesome-SOAR List / User-Communities |
SOAR Telegram Group | | | |
Awesome-SOAR List / Market-Research |
State of SOAR Report 2019 | | | |
Gartner Market Guide for SOAR Solutions 2019 | | | |
DFLABS Enterprise SOAR Buyers Guide 2019 | | | |
Top 10 SOAR Solutions for 2019 | | | |
Top Reviewed SOAR's on G2 | | | |
SOAR Vendor comparison | | | |
The 8 Best SOAR Security Companies for 2020 | | | |
SANS 2020 Automation and Integration Survey Results | | | |
PeerTalk™ Panel: SOAR Trends in 2020 and Beyond | | | |
Awesome-SOAR List / Articles |
An OODA-driven SOC Strategy using: SIEM, SOAR and EDR | | | |
Why a mature SIEM environment is critical for SOAR implementation | | | |
7 Steps to Building an Incident Response Playbook | | | |
8 Ways Playbooks Enhance Incident Response | | | |
Top Security Orchestration Use Cases | | | |
Security orchestration and automation checklist | | | |
Awesome-SOAR List / Presentations |
Hacking your SOEL: SOC Automation and Orchestration – SANS Security Operations Summit 2018 | | | |
Hacking your SOEL: SOC Automation and Orchestration – SANS Security Operations Summit 2018 - SLIDES | | | |
Leveraging TheHive & Cortex for automated IR | | | |
Cloud Security Automation: From Infrastructure to App | SANS Cloud Security Summit 2019 | | | |
SANS Webcast: Automating Information Security with Python | | | |
Awesome-SOAR List / Training |
SANS SEC573: Automating Information Security with Python | | | |
SOAR-Solutions / Commercial |
Cortex XSOAR | | | Previously Demisto, now with Palo Alto Networks |
SOAR-Solutions / Commercial / Cortex XSOAR |
Demisto Blog | | | |
Palo Alto Blog | | | |
Cortex XSOAR Webinar Videos on Youtube | | | |
Demisto Webinar Videos on Youtube | | | |
Palo Alto Networks Ignite Conference Videos Youtube | | | |
Cortex XSOAR 30 Day Free Community Edition | | | |
Several Free Foundational eLearning Courses | | | |
Customer Case Studies | | | |
Demisto, Cortex XSOAR Youtube video playlist | | | |
Palo Alto Learning Center | | | |
Cortex XSOAR Documentation | | | |
Cortex XSOAR User Community | | | |
Content Developer Portal | | | |
XSOAR Github | 1,135 | 7 days ago | |
XSOAR Youtube Channel | | | |
PAN Twitter Page | | | |
LinkedIn | | | |
Online Slack Community | | | |
SOAR-Solutions / Commercial |
DTonomy SOAR | | | |
SOAR-Solutions / Commercial / DTonomy SOAR |
DTonomy Blog | | | |
DTonomy Community | | | |
DTonomy Quick Tutorial | | | |
DTonomy Doc | | | |
Request Enhancement Link | | | |
DTonomy Youtube | | | |
DTonomy Twitter | | | |
DTonomy LinkedIn | | | |
DTonomy Slack | | | |
SOAR-Solutions / Commercial |
IBM Resilient | | | |
SOAR-Solutions / Commercial / IBM Resilient |
IBM Security Resilient Community Blog | | | |
IBM Resilient On-Demand Webinars | | | |
IBM Resilient Webinar videos on Youtube | | | |
Image can be downloaded here, but requires license | | | Not Available - |
IBM Learning Academy - Couple of Free Courses | | | |
IBM Resilient Youtube Videos | | | |
IBM Learning Academy | | | |
IBM Resilient Documentation | | | |
IBM Security Resilient Support | | | |
IBM Security Resilient Community Forum | | | |
IBM Resilient Community Apps | 91 | 8 days ago | |
IBM Security Resilient Ideas (RFE's) | | | |
IBM Security Youtube Videos | | | |
Older IBM Resilient Youtube Videos | | | |
IBM Security | | | |
IBM Resilient LinkedIn | | | |
SOAR-Solutions / Commercial |
Splunk Phantom | | | |
SOAR-Solutions / Commercial / Splunk Phantom |
Phantom Blog | | | |
on demand webinars | | | |
Phantom Youtube Webinars | | | |
Splunk .Conf slides | | | |
Free Community edition available for registered users | | | |
Phantom Community Youtube Video | | | |
Paid Instructor led training | | | |
Phantom Documentation | | | |
Splunk Support page | | | |
Phantom User Community | | | |
Phantom Github Repository | 82 | about 3 years ago | |
Post Feature request in title on user forum | | | |
Phantom Team Questions Thread | | | |
Splunk Official Youtube | | | |
Phantom on Twitter | | | |
Phantom on LinkedIn | | | |
SOAR-Solutions / Commercial |
Siemplify | | | |
SOAR-Solutions / Commercial / Siemplify |
Siemplify Blog | | | |
Siemplify Webinars | | | |
Siemplify Community Edition | | | |
Siemplify Trial Edition | | | |
Siemplify Video Tour | | | |
Siemplify Resources | | | |
Siemplify Youtube | | | |
User Forum | | | |
Siemplify Support | | | |
User Forum | | | |
User Forum | | | |
User Forum | | | |
Siemplify Youtube | | | |
Siemplify Twitter | | | |
Siemplify LinkedIn | | | |
SOAR-Solutions / Commercial |
Swimlane | | | Syncurity is now acquired by Swimlane |
SOAR-Solutions / Commercial / Swimlane |
Swimlane Blog | | | |
Swimlane Webinars | | | |
Swimlane Conference | | | |
SOAR Learning Hub | | | |
Swimlane Paid Training | | | |
Swimlane Documentation | | | |
Swimlane Support Portal | | | |
SecOps Hub User forum | | | |
App Developer Resources | | | |
Swimlane Support Portal for feature requests | | | |
Swimlane Youtube | | | |
Swimlane Twitter | | | |
Swimlane LinkedIn | | | |
SOAR-Solutions / Commercial |
Rapid7 InsightConnect | | | |
SOAR-Solutions / Commercial / Rapid7 InsightConnect |
Rapid7 Blog | | | |
Rapid7 Webinars | | | |
Rapid7 Conference | | | |
Free Trial | | | |
Free Learning Resources | | | |
Online videos Youtube | | | |
Training and Certification | | | |
Rapid7 InsightConnect Documentation | | | |
Support Login | | | |
Rapid7 Login | | | |
Rapid7 InsightConnect Developer instructions | | | |
Rapid7 InsightConnect feature requests on github | 67 | 9 days ago | |
Unofficial Rapid7 Reddit | | | |
Rapid7 youtube | | | |
Rapid7 Twitter | | | |
Rapid7 LinkedIn | | | |
SOAR-Solutions / Commercial |
ThreatConnect | | | |
SOAR-Solutions / Commercial / ThreatConnect |
ThreatConnect Blog | | | |
ThreatConnect Webinars | | | |
ThreatConnect Events | | | |
ThreatConnect Learning Portal | | | |
ThreatConnect Resources | | | |
ThreatConnect Learning Portal | | | |
ThreatConnect Documentation | | | |
ThreatConnect Support | | | |
ThreatConnect Community | | | |
ThreatConnect Apps | | | |
ThreatConnect Developer Github | 8 | 18 days ago | |
ThreatConnect Support | | | |
ThreatConnect Reddit | | | |
ThreatConnect Youtube | | | |
ThreatConnect Twitter | | | |
ThreatConnect LinkedIn | | | |
ThreatConnect Slack Channel | | | |
SOAR-Solutions / Commercial |
ATAR | | | Now part of Micro Focus (ArcSight) |
SOAR-Solutions / Commercial / ATAR |
Atar Blog | | | |
Atar Resources | | | |
Atar Youtube videos | | | |
Atar Videos | | | |
Atar Youtube | | | |
Atar Twitter | | | |
Atar LinkedIn | | | |
SOAR-Solutions / Commercial |
Ayehu | | | |
SOAR-Solutions / Commercial / Ayehu |
Ayehu Blog | | | |
Ayehu Webinars | | | |
Ayehu Conference resources | | | |
Ayehu 30 day free trial | | | |
Ayehu Resource Center | | | |
Ayehu Free Training Courses | | | |
Ayehu paid Training Courses | | | |
Ayehu Documentation | | | |
Ayehu Support Portal | | | |
Ayehu User Community | | | |
Ayehu App development | 7 | almost 2 years ago | |
Ayehu Support Portal | | | |
Ayehu Youtube | | | |
Ayehu Twitter | | | |
Ayehu LinkedIn Group | | | |
SOAR-Solutions / Commercial |
FortiSOAR | | | Previously called CyberSponse, Now part of Fortinet |
SOAR-Solutions / Commercial / FortiSOAR |
FortiSOAR Blog | | | |
Fortinet Webinar events | | | |
Fortinet Conference events | | | |
Free 45 day Community Edition | | | |
FortiSOAR Resources | | | |
FortiSOAR Youtube Videos | | | |
FortiSOAR training | | | |
FortiSOAR Documentation | | | |
FortiSOAR Support | | | |
FortiSOAR Community | | | |
FortiSOAR Support | | | |
Fortinet Reddit | | | |
FortiSOAR Youtube | | | |
FortiSOAR Twitter | | | |
FortiSOAR LinkedIn | | | |
SOAR-Solutions / Commercial |
D3 SOAR | | | |
SOAR-Solutions / Commercial / D3 SOAR |
D3 SOAR Blog | | | |
D3 Security | | | |
D3 SOAR Conference resources | | | |
D3 SOAR resources | | | |
D3 Security Tech Docs | | | |
D3 Security Youtube | | | |
D3 Security Twitter | | | |
D3 Security LinkedIn | | | |
SOAR-Solutions / Commercial |
DFLabs IncMan SOAR | | | |
SOAR-Solutions / Commercial / DFLabs IncMan SOAR |
DFLabs Blog | | | |
DFLabs Webinars | | | |
DFLabs Conference | | | |
DFLabs IncMan SOAR Community Edition | | | |
DFLabs Community portal | | | |
DFLabs Support portal | | | |
DFLabs Community portal | | | |
DFLabs Community portal | | | |
DFLabs Youtube | | | |
DFLabs Twitter | | | |
DFLabs LinkedIn | | | |
SOAR-Solutions / Commercial |
Resolve SOAR | | | |
SOAR-Solutions / Commercial / Resolve SOAR |
Resolve SOAR Blog | | | |
Resolve SOAR Webinars | | | |
Resolve SOAR Webinars | | | |
Resolve SOAR Vimeo Videos | | | |
Resolve Training | | | |
Resolve SOAR Support portal | | | |
Resolve SOAR Support portal | | | |
Resolve SOAR Vimeo | | | |
Resolve SOAR Twitter | | | |
Resolve SOAR LinkedIn | | | |
SOAR-Solutions / Commercial |
ServiceNow SecOps | | | |
SOAR-Solutions / Commercial / ServiceNow SecOps |
ServiceNow Blog | | | |
ServiceNow Secops Webinars | | | |
ServiceNow Knowledge | | | |
ServiceNow SecOps Paid Training | | | |
ServiceNow SecOps Documentation | | | |
ServiceNow Support | | | |
ServiceNow Secops User Forum | | | |
ServiceNow Secops integration | | | |
ServiceNow Support | | | |
ServiceNow Reddit Community | | | |
ServiceNow Youtube | | | |
ServiceNow Twitter | | | |
ServiceNow LinkedIn | | | |
SOAR-Solutions / Commercial |
SIRP SOAR | | | |
SOAR-Solutions / Commercial / SIRP SOAR |
SIRP Blog | | | |
SIRP Webinars | | | |
SIRP Webinars | | | |
SIRP Youtube | | | |
SIRP Twitter | | | |
SIRP LinkedIn | | | |
SOAR-Solutions / Commercial |
Tines | | | |
SOAR-Solutions / Commercial / Tines |
Tines Blog | | | |
Tines - Free Community Edition | | | |
Tines Docs | | | |
Tines Reddit Account | | | |
Tines Youtube | | | |
@tines_io | | | |
Tines LinkedIn | | | |
SOAR-Solutions / SIEM-with-SOAR-Included |
Microsoft Azure Sentinel | | | Logic Apps used as SOAR Functionality |
SOAR-Solutions / SIEM-with-SOAR-Included / Microsoft Azure Sentinel |
Product Blog | | | |
Security Webinars List | | | |
Ignite 2019 Recap | | | |
Free Trial on Azure Cloud | | | |
Azure Sentinel Ninja | | | |
Azure Documentation | | | |
Azure Support | | | |
Azure Sentinel User forum | | | |
Github Repository | 4,607 | 8 days ago | |
Azure Sentinel Product Feedback | | | |
Azure Sentinel Reddit | | | |
Azure Sentinel Youtube | | | |
Azure Sentinel Twitter | | | |
Azure Sentinel LinkedIn | | | |
Azure Sentinel Telegram group | | | |
Azure Sentinel Telegram Feed group | | | |
SOAR-Solutions / SIEM-with-SOAR-Included |
Securonix SOAR | | | |
SOAR-Solutions / SIEM-with-SOAR-Included / Securonix SOAR |
Securonix Blog | | | |
Securonix Webinars | | | |
Securonix Conference Videos on Youtube | | | |
Securonix Paid Training | | | |
Securonix Documentation | | | |
Securonix Support | | | |
Securonix User Forum | | | |
Securonix SOAR App Development | | | |
Securonix Apps on Github | 0 | over 6 years ago | |
Securonix Feature Requests | | | |
Securonix on Reddit | | | |
Securonix on Youtube | | | |
Securonix on Twitter | | | |
Securonix LinkedIn | | | |
SOAR-Solutions / SIEM-with-SOAR-Included |
LogRhythm SOAR | | | |
SOAR-Solutions / SIEM-with-SOAR-Included / LogRhythm SOAR |
LogRhythm Blog | | | |
LogRhythm Webinars | | | |
LogRhythm Conference Videos on Youtube | | | |
Available Only For Network Monitors | | | |
Free Training Videos | | | |
LogRhythm Paid Training | | | |
LogRhythm Documentation | | | |
LogRhythm Support | | | |
LogRhythm User Forum | | | |
LogRhythm Apps on Github | | | |
LogRhythm Feature Requests | | | |
LogRhythm on Reddit | | | |
LogRhythm on Youtube | | | |
LogRhythm on Twitter | | | |
LogRhythm LinkedIn | | | |
LogRhythm Telegram group | | | |
SOAR-Solutions / SIEM-with-SOAR-Included |
RSA NetWitness Orchestrator | | | Based off Demisto or ThreatConnect |
SOAR-Solutions / SIEM-with-SOAR-Included / RSA NetWitness Orchestrator |
RSA NetWitness Orchestrator Blog | | | |
RSA NetWitness Orchestrator Webinars | | | |
RSA Conference presentations | | | |
RSA Netwitness Orchestrator Training | | | |
RSA Netwitness Orchestrator Training | | | |
RSA NetWitness Orchestrator Documentation | | | |
RSA Support | | | |
RSA Support | | | |
RSA Support | | | |
RSA Youtube | | | |
RSA Twitter | | | |
RSA LinkedIn | | | |
SOAR-Solutions / Open-Source |
TheHive | | | |
SOAR-Solutions / Open-Source / TheHive |
TheHive Product Blog | | | |
TheHive Youtube Videos | | | |
TheHive Conference Youtube Videos | | | |
TheHive is Open Source Software and completely free to download | 3,446 | almost 2 years ago | |
Free Training Material | 392 | about 1 year ago | |
TheHive Documentation | 392 | about 1 year ago | |
Log issue at Github | 3,446 | almost 2 years ago | |
Google Groups for User | | | |
How to write analyzers | 170 | about 1 year ago | |
Feature requests are made on Github issues | 3,446 | almost 2 years ago | |
TheHive Twitter Account | | | |
TheHive Gitter | | | |
SOAR-Solutions / Open-Source |
Shuffle | | | |
SOAR-Solutions / Open-Source / Shuffle |
Creator Medium Blog | | | |
Open Source on-prem edition | 1,741 | 7 days ago | |
Free On-Cloud version | | | |
Introduction blog | | | |
Shuffle Documentation | | | |
Contact information | | | |
Create App from Scratch | | | |
Create issue on github | 1,741 | 7 days ago | |
Shuffle Introduction | | | |
Shuffle Creator Twitter | | | |
Online Gitter Chat | | | |
SOAR-Solutions / Open-Source |
WALKOFF | | | |
SOAR-Solutions / Open-Source / WALKOFF |
WALKOFF CONFERENCE SLIDES | 1,204 | almost 2 years ago | |
WALKOFF Open Source Github Repository | 1,204 | almost 2 years ago | |
WALKOFF Tutorials | | | |
WALKOFF DOCUMENTATION | | | |
WALKOFF DOCUMENTATION on Github | | | |
E-Mail WALKOFF Support | | | |
APP DEVELOPMENT INSTRUCTIONS | | | |
Create issue on Github | 1,204 | almost 2 years ago | |
SOAR-Solutions / Open-Source |
catalyst | 350 | 15 days ago | |