SIEM(Automation) - Salem73616C656D/reading-notes GitHub Wiki

Key Takeaways

Security Automation allows an enterprise to detect and scan devices on a network, and then conduct an assessment based on those scans.

SOAR:

• Security Automation and Orchestration
• purpose-built tools that orchestrate activities between other security tools and perform specific automation activities in response to identified threats

RPA:

• Robotic Process Automation
• allow for a wide variety of processes to be automated.
• mostly leveraged in HR and finance fields

Vocabulary

No new vocabulary

Conclusion

Security automation allows for quicker, and less prone to mistake, scans and remediation of an enterprise network.