On the list! QI-ANXIN was included into the international authoritative organization SOAR report
Date：Apr 18,2022 Author：QI-ANXIN
The increasingly complex and systematic attacks in cyberspace have seriously impacted the security defense of governments, enterprises and organizations. In order to respond to security challenges more quickly, the security operations ushered in the automation era marked by "SOAR". Recently, Forrester, an international authoritative consulting firm, released the report "Now Tech: Security Orchestration, Automation, and Response (SOAR), Q2 2022", which summarizes the current market landscape and trends of global Security Orchestration Automation and Response (SOAR). Based on market share and functions, QI-ANXIN and other providers around the world are listed in the Forrester report.
Forrester defines SOAR as: Automation technology that integrates with third-party tools across the security and business ecosystem to triage, coordinate, and take coordinated, playbook-based action to security events. According to Forrester data, one of the top three challenges security teams face is day-to-day tactical activities taking up too much time. Security operations teams struggle with constant alerts, manual investigations, and a dizzying array of tools to respond from. SOAR technology provides security teams a way to automate some of these repetitive tasks and coordinate across tools from a single technology. According to the Forrester report, the goal of SOAR technology is to make security operations faster, less error-prone, and more efficient.
In order to deeply analyze the soar functionality, Forrester divides the soar market into five segments: as a part of the security analytics platform, as an independent product in the security analytics suite, as an independent product that can be integrated with threat intelligence, as a single product and as an independent product in the automation suite.
As a supplier of security analytics suite, QI-ANXIN provides customers with security analytics suite products and services including NGSOC and SOAR. As an independent product in the suite, QI-ANXIN SOAR can be deployed with both QI-ANXIN NGSOC platform and the mainstream third-party SOC Platform in the industry.
Specifically, QI-ANXIN SOAR is an intelligent collaborative system that integrates the teams, tools and processes related to security operations through orchestration and automation technology, ingests multi-source data, continuously conducts security alert triaging and investigation, case resolution, cooperative operating and incident response, and ultimately achieves efficient and effective security operations.
As a leading SOAR provider in technology and functionality, QI-ANXIN SOAR has five key capabilities different from other similar products: security capability orchestration, security process automation, intelligent alert response, collaborative case management and open system architecture. In addition, the newly added chatbot-based cooperative war room function of SOAR can also allow security analysts to communicate in real time, along with a large number of build-in scripts and commands, so as to further improve the efficiency of human-machine collaboration.
QI-ANXIN SOAR can help enterprises and organizations sort out complex security operations (especially security response) processes into workbooks (COAs) and playbooks, transform distributed security tools and functions into programmable applications and actions, and integrate teams, tools and processes through orchestration and automation technologies, effectively solve the problems such as insufficient security operations response personnel, untimely response to security incidents, repeated operations and maintenance, and lack of coordination and among security systems.
Based on the comprehensive product system of QI-ANXIN, QI-ANXIN SOAR and the company's NGSOC have jointly formed a security analytics suite solution, and can also form a special solution together with other products of the company (such as SkyEye NDR, Jawto CWPP and Tianqing EDR), which plays a collaborative role in various solutions .
As Yunkun WU, President of QI-ANXIN Group, said, "SOAR is not only a product, but also a platform, which integrates security capabilities, combines people with technology, and combines security with IT technology, so as to realize operationalized, systematic and normalized security operations, and provide solid support for realizing client’s security operations." As the first mainstream provider to release independent soar products in China, the completeness and maturity of QI-ANXIN SOAR function is ahead of other providers, representing the development trend of security operations. It will also be updated and iterated continuously, and always maintain the goal of leading the technical level of the industry and continuous innovation and progress.