Insider Insights: A CISO Perspective on the value of SOAR
Gartner’s latest report on Security Orchestration, Automation, and Response (SOAR) has ignited a heated discussion within the cyber security community. The report critiques how SOAR has not lived up to its initial hype, revealing significant shortcomings and overstated promises. It highlights how SOAR often falls short due to the complex threat landscape and operational challenges. As a result, many organisations are struggling with high costs and disappointing returns on their SOAR investments.
Our Chief Information Security Officer (CISO), Darren Humphries, shares how Acora handles these challenges. He talks about how Acora’s approach not only addresses the shortcomings identified in Gartner’s report but also optimises SOAR effectively from both a technology and partner standpoint, all whilst making sure that it complies with realistic security needs.
Initial setup costs are addressed by defining which alerts are most critical. This is done through integrated workflow intelligence and automated threat hunting built to efficiently identify attack, compromise, and phishing attempts. Analysts have all the information at their fingertips as a single package of data to work on, allowing them to handle multiple cases as one and letting senior roles focus on high-priority issues. We have our goals and the methodologies for achieving them, and as end users we retain that knowledge as things evolve. All lessons learned are incorporated into the playbook data, saving analysts time and money when they check out credentials, enter systems and metricate them.
To lower continuous maintenance and support expenses, Acora employs a well-structured team of analysts and detection engineers. For every 100 L2 analysts in the world, there is one good detection engineer, which guarantees the support and expertise required to enhance detection capabilities. This setup is similar to that of a racing car driver and technician, where a thorough knowledge of the system enhances overall performance.
As an outsourced provider, Acora offers a flexible service model that incorporates SIEM and SOAR platforms. With this setup, we cater to 84 clients with up-to-date threat intelligence. By utilising crowdsourced intelligence from our partners and customers, we have the ability to enhance our SOAR and SentinelOne platforms without the need for specialised personnel or analysts with extensive coding skills.
Acora excels at integrating third-party connections and customised tools to improve and integrate primary security processes. Whilst SOAR systems are central to the workflow, additional tools like Tenable Nessus are used for specific tasks, ensuring that the best resources are available for each need and thus avoiding disillusionment with unrealistic expectations of SOAR as a standalone solution. Rather than replacing the current systems, we concentrate on improving the main use cases.
SOAR systems are tools meant to support human decision-making, not a replacement for existing security solutions. Acora’s service architecture is centred on improving these tools to support human intervention and decision-making processes, as opposed to resolving every security issue on its own.
Acora ensures that its SOAR system stays current with changes in hacker tactics, techniques, and procedures (TTPs) by using it as a central workflow system to guide analyst activities and priorities. Whilst SOAR enhances security operations, it does not replace essential tools like SIEM or cloud systems. Rather, it complements them, similar to how a Swiss Army knife has various tools for different tasks. The key is understanding and using each tool for its intended purpose, avoiding misconceptions about SOAR’s purpose in the broader security ecosystem.
Despite Gartner’s concerns about the decline of SIEM and SOAR, we actively maintain and make use of these tools by rigorously testing them, engaging with customers, and applying innovative approaches from Picus and detection engineering to ensure they remain relevant and up-to-date. We collaborate with our ecosystem partners and utilise top-tier tools and training to support our hybrid models, including SOCaaS. Acora’s proactive strategies and innovative models address the evolving challenges of SOAR systems, ensuring that they provide top-tier security services and maintain resilience against emerging threats.