Security Orchestration, Automation, and Response for Security Analysts

What your journey will look like
With the help of this expert-led book, you’ll become well versed with SOAR, acquire new skills, and make your organization's security posture more robust.
You’ll start with a refresher on the importance of understanding cyber security, diving into why traditional tools are no longer helpful and how SOAR can help.
Next, you’ll learn how SOAR works and what its benefits are, including optimized threat intelligence, incident response, and utilizing threat hunting in investigations.
You’ll also get to grips with advanced automated scenarios and explore useful tools such as Microsoft Sentinel, Splunk SOAR, and Google Chronicle SOAR.
The final portion of this book will guide you through best practices and case studies that you can implement in real-world scenarios.
By the end of this book, you will be able to successfully automate security tasks, overcome challenges, and stay ahead of threats.

Type
ebook
Category
Security
publication date
2023-07-21
what you will learn

Reap the general benefits of using the SOAR platform
Transform manual investigations into automated scenarios
Learn how to manage known false positives and low-severity incidents for faster resolution
Explore tips and tricks using various Microsoft Sentinel playbook actions
Get an overview of tools such as Palo Alto XSOAR, Microsoft Sentinel, and Splunk SOAR

no of pages
338
duration
676
key features
What’s inside * An exploration of the SOAR platform’s full features to streamline your security operations * Lots of automation techniques to improve your investigative ability * Actionable advice on how to leverage the capabilities of SOAR technologies such as incident management and automation to improve security posture
approach
This book starts with a comprehensive introduction to SOAR, which explains the benefits of using it in comparison to more traditional approaches. Next, it helps you acquire all the skills and information you need to use SOAR confidently, along with showing you how SOAR can be applied in real-world scenarios using case studies and examples.
audience
You'll get the most out of this book if
You're a junior SOC engineer, junior SOC analyst, a DevSecOps professional, or anyone working in the security ecosystem who wants to upskill toward automating security tasks
You often feel overwhelmed with security events and incidents
You have general knowledge of SIEM and SOAR, which is a prerequisite
You’re a beginner, in which case this book will give you a head start
You’ve been working in the field for a while, in which case you’ll add new tools to your arsenal
meta description
Become a security automation expert and build solutions that save time while making your organization more secure
short description
Automating security tasks can save cybersecurity tasks a lot of time, but getting to grips with SOAR requires a comprehensive introduction. This book, written by an automation expert, will help you get all the information you need to use SOAR confidently as well as show you its capabilities in action with the help of real-life examples.
subtitle
Learn the secrets of SOAR to improve MTTA and MTTR and strengthen your organization's security posture
keywords
SOAR, security operations, SIEM, Microsoft Sentinel, Threat hunting, Automation, security analysts, Splunk
Product ISBN
9781803242910