Standardized Process For Building SOAR Automations

egrizzlyegrizzly Member Posts: 533 ■■■■■□□□□□
Hi All,

Just curious whether any of y'all have ran across any standardized process that can be used in building out workflows for Security Orchestration, Automation, and Response solutions (SOAR) when provided with a given scenario.  Better of a response if the process can be applied to all SOAR solutions regardless of vendor.  

As always, thanks in advance guys.
B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+

Comments

  • JDMurrayJDMurray Admin Posts: 13,099 Admin
    edited February 2023
    Sorta like a YARA or Snort signature standard for SOAR workflows that all SOAR solutions must conform to? ChatGPT says nooooooo... :D
  • egrizzlyegrizzly Member Posts: 533 ■■■■■□□□□□
    JDMurray said:
    Sorta like a YARA or Snort signature standard for SOAR workflows that all SOAR solutions must conform to? ChatGPT says nooooooo... :D

    I got the opposite response from ChatGPT as it had given me a process for building out workflow.  To corroborate and validate it requires a look from humans though.
    B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
  • JDMurrayJDMurray Admin Posts: 13,099 Admin
    Yes, ChatGPT will give a very general, high-level procedure for creating a generic SOAR, but it specifically replied to me that there is no standard or framework for all SOAR solutions. I believe that is what you said that you are looking for.
  • egrizzlyegrizzly Member Posts: 533 ■■■■■□□□□□
    JDMurray said:
    Yes, ChatGPT will give a very general, high-level procedure for creating a generic SOAR, but it specifically replied to me that there is no standard or framework for all SOAR solutions. I believe that is what you said that you are looking for.

    Thanks. Cool beans dude.  yeah, I thought I might bounce this off the rest of the community to see if there were other dogs barking differently.  ;)
    B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
  • egrizzlyegrizzly Member Posts: 533 ■■■■■□□□□□
    JDMurray said:
    Yes, ChatGPT will give a very general, high-level procedure for creating a generic SOAR, but it specifically replied to me that there is no standard or framework for all SOAR solutions. I believe that is what you said that you are looking for.

    Thanks. Cool beans dude.  yeah, I thought I might bounce this off the rest of the community to see if there were other dogs barking differently.  ;)
    B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
Sign In or Register to comment.