Orchestrated incident response

Let’s take an example where a new, non-compliant instance is powered on in the cloud. In this scenario, telemetry is automatically collected to the SIEM due to pre-established rules, and an offense is generated. This offense then triggers an incident record to be created in our Resilient Security Orchestration, Automation and Response (SOAR) Platform.