SOAR (Security Orchestration, Automation and Response)
Definition
SOAR is a platform that helps security teams automate repetitive tasks, orchestrate security processes, and accelerate incident response.
SOAR platforms combine three functions: orchestration (integrating security tools), automation (executing repetitive tasks without human intervention), and response (structured incident handling via playbooks).
Difference from SIEM: SIEM collects and analyzes data; SOAR automates the action following a SIEM alert.