Gartner recently published the latest edition of its Emerging Technologies and Trends Impact Radar for security (Gartner, Emerging Technologies and Trends Impact Radar: Security, Ruggero Contu, Mark Driver, Lawrence Pingree, Elizabeth Kim, John A. Wheeler, Swati Rakheja, Nat Smith, Mark Wah, Dave Messett, Shawn Eftink, Bill Ray, 12 October 2021). The extensive report is invaluable for any security leader, and you can download your copy of the Emerging Technologies and Trends Impact Radar report here, courtesy of D3 Security. In this blog, we’ll look at one specific trend highlighted by Gartner that is especially relevant to our world of SOAR: hyperautomation.
Hyperautomation refers to streamlining processes by automating as much as possible across multiple technologies. It can be thought of as automation on a larger scale, addressing whole systems of manual tasks instead of single actions. Gartner recently named hyperautomation one of the top strategic technology trends for 2022.
In Emerging Technologies and Trends Impact Radar: Security, analyst Mark Wah estimates the “mass” of the hyperautomation trend to be high, “because hyperautomation delivers the expected value in many industries. For more mature security operations, hyperautomation is a low-hanging fruit to capitalize on. As product and service providers demonstrate the benefits of hyperautomation, the overall mass will increase further.”
We were happy to see that D3 Security is listed in the report as a sample vendor for hyperautomation. SOAR is just one of the options for building a hyperautomation toolset, but we believe it can be the cornerstone for enterprises, MSSPs, and MDRs when developing security hyperautomation. This is because tools like D3 XGEN SOAR can integrate with virtually any other tool to exponentially increase the amount of possible automation.
One of Mark Wah’s recommended actions in Emerging Technologies and Trends Impact Radar: Security is to “focus hyperautomation efforts on labor-intensive or repeatable processes within security operations that will benefit MSSPs, MDR providers and large enterprises rather than complex operations that require human judgment.”
We see this as the perfect use case for SOAR, which has always been focused on automating away the repetitive tasks that waste SOC teams’ time. However, the recommendation also mentions not focusing on the tasks that require human judgment. Not all SOAR platforms are equal in their ability to incorporate human inputs into complex, automation-driven workflows, but it has always been a focus of D3’s to balance automation with human expertise.
When considering how Gartner’s recommendations about security hyperautomation can be applied, we would also point security leaders toward our newly released Event Pipeline, a game-changer for event triage, normalization, and auto-dismissal. D3’s Event Pipeline automatically reduces alert volume by as much as 98%, only escalating the events that truly require manual investigation.
One of the other recommendations in Emerging Technologies and Trends Impact Radar: Security is to “develop key metrics such as operational metrics (MTTR, MTTD) and business metrics (profit margin) to help drive a successful hyperautomation implementation. Note that the metrics that drive the desired outcomes may not be directly related to the specific areas being automated.”
One of the reasons we see SOAR as the cornerstone of security hyperautomation is that SOAR has become a proven way for enterprises, MSSPs, and MDRs to improve business and operational metrics. SOAR has always driven MTTD and MTTR improvements for enterprise SOCs, but it has become increasingly popular as a way for managed security providers to evolve their offerings and grow profits.
D3’s MDR Toolkit in particular is a unique offering for MDRs (and MSSPs who want to compete) that combines the Event Pipeline with big data processing and end-to-end incident response—all in a fully scalable, multi-tenant solution. This is one example of how SOAR can support a hyperautomation agenda for managed service providers.
Hyperautomation is just one of the trends covered in Gartner’s extensive report. If you want to read the entire piece, you can download Gartner’s Emerging Technologies and Trends Impact Radar: Security from our resource library.
Source: Gartner, Emerging Technologies and Trends Impact Radar: Security, Ruggero Contu, Mark Driver, Lawrence Pingree, Elizabeth Kim, John A. Wheeler, Swati Rakheja, Nat Smith, Mark Wah, Dave Messett, Shawn Eftink, Bill Ray, 12 October 2021.
Disclaimer: Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.