Reducing response time, including incident containment and remediation, is one of the most effective ways to control the impact of a security incident. Currently, while the average time to respond to threats across industries is trending downward, security operations personnel still have to contend with complex operational processes and scarce resources, skills, and budgets.

As organizations face an increasing number of security threats, security operations professionals want to be able to quickly identify threats and respond and remediate them. Against this backdrop, the demand for security orchestration, automation and response (SOAR) technologies has grown significantly. The emergence of SOAR can solve the problem of personnel shortage in the response process, improve the quality and speed of alert classification, reduce response time, and reduce the work pressure of security personnel.

In order to better understand the security operation automation needs of Chinese enterprises, deal with the difficulties and challenges in the security operation of enterprises, help enterprises to build the automatic security operation and maintenance capabilities that can be implemented, and at the same time find that the cybersecurity industry in my country is truly capable, implementable and leading An innovative new generation of SOAR technology solutions, Anniu invited more than ten user experts from industries such as finance, operators, medical care, and large state-owned enterprises, and cooperated with Qi Anxin, Tianrongxin, Shenzhou Taiyue, Wuzhi Intelligence, Anheng Seven domestic representative SOAR technology manufacturers, including Infocom, AsiaInfo, and Hillstone, officially launched the “2021 Enterprise Security Operation Automation Application Guide” report research and related research work. The paper version of the report will be officially released in the fourth quarter of this year.

guiding ideology

According to the research needs, this report and research will comprehensively adopt research methods such as regulation and standard sorting, user interviews, questionnaire surveys, case studies, experience forecasting, data statistical analysis, inductive summary, deductive reasoning, etc. Development, vendor capabilities, scenario-based applications and other dimensions.

Research principles

The report will follow the basic principles of being objective, truthful, scientific, reasonable, and practical, and conduct relevant research work under the guidance of legal norms, comprehensiveness, forward-looking and feasibility.

according to law

Research should be carried out under the guidance of relevant national and industry norms, and research must comply with national policies and systems related to information security, as well as relevant national systems and standards for hierarchical protection. Reasonable and appropriate reference to the international advanced enterprise security operation best practices.

comprehensive coverage

This research includes but is not limited to safety management, safety operation, safety risk responsibility, and identification of people, technology and related construction requirements.

forward-looking principles

The research fully reflects the current system architecture, technological evolution and key technologies for the construction of security operation automation capabilities. The output of the report should be able to effectively guide the network security operation work planning of Chinese enterprises in the next 3-5 years.

enforceability principle

The research output should be able to put forward construction suggestions that are in line with the construction of Chinese enterprises’ safety operation capabilities, and guide the design of top-level solutions, construction of safety systems, selection of technologies, selection of products, and even implementation.

report outline

The main contents of this report include:

Difficulties and Challenges of Safe Operation in Modern Enterprises

The Development and Current Situation of SOAR Technology

Enterprise security operation automation capability building

Typical application scenarios and representative case studies

The future development trend of security operation automation

Product Selection Guide and Capability Evaluation of Representative Manufacturers

The Links:   SX17Q01C6BLZZ PM150CSE060