Information Technology

Gartner Glossary

Security Orchestration, Automation and Response (SOAR)

SOAR refers to technologies that enable organizations to collect inputs monitored by the security operations team. For example, alerts from the SIEM system and other security technologies — where incident analysis and triage can be performed by leveraging a combination of human and machine power — help define, prioritize and drive standardized incident response activities. SOAR tools allow an organization to define incident analysis and response procedures in a digital workflow format.

Experience Gartner conferences

Master your role, transform your business and tap into an unsurpassed peer network through our world-leading virtual and in-person conferences.

Gartner Webinars

Expert insights and strategies to address your priorities and solve your most pressing challenges.