How to choose between commercial and open-source SOAR?

The Awesome-SOAR list provides separate directories for both, including community editions and trial links for tools like Cortex XSOAR and TheHive. Review the support resources and integration capabilities listed to match your team's budget and technical needs.

What are the best open-source SOAR tools in 2024?

Based on the README, key open-source options include TheHive, Shuffle, and WALKOFF, each with GitHub links and documentation. However, verify their active development status as the list might not have recent updates.

How to create SOAR playbooks from scratch?

Use the Playbooks-Resources section for templates from AWS, Societe Generale, and others, and refer to Automation-Resources for scripts from vendors like Phantom and Microsoft Azure Sentinel to build custom workflows.

SOAR vs SIEM: which one do I need first?

The list includes articles explaining the relationship, such as 'Why a mature SIEM environment is critical for SOAR implementation.' Start with SIEM for alerting, then add SOAR for automation, as many solutions like Azure Sentinel combine both.

Where can I find SOAR training courses for beginners?

Check the Training section for courses like SANS SEC573 and vendor-specific free learning links from Palo Alto or IBM. The curated list aggregates options but doesn't guarantee current availability or quality.

How to contribute or update the Awesome-SOAR list?

Follow the contribution guidelines linked in the README to submit pull requests for new resources or corrections, ensuring the list stays relevant through community efforts.

Open-Awesome

Awesome SOAR

A curated awesome list of resources for Security Orchestration, Automation and Response (SOAR) technologies.

GitHub

996 stars152 forks0 contributors

What is Awesome SOAR?

Awesome-SOAR is a curated GitHub repository that compiles resources, tools, and information about Security Orchestration, Automation and Response (SOAR) platforms. It helps security teams discover standards, playbooks, vendor solutions, and community knowledge to implement and optimize automated incident response processes.

Target Audience

Security operations center (SOC) analysts, incident responders, cybersecurity architects, and IT security managers evaluating or implementing SOAR solutions.

Value Proposition

It saves significant research time by providing a single, community-vetted source for SOAR-related information, including comparisons of both commercial and open-source tools, which is especially valuable in a fragmented and rapidly evolving market.

Overview

A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list.

Use Cases

Best For

Researching commercial and open-source SOAR platforms for procurement
Finding incident response playbook templates and automation scripts
Learning SOAR concepts through articles, presentations, and training materials
Discovering community forums and user groups for specific SOAR tools
Understanding global security standards and frameworks relevant to orchestration
Comparing features and support resources across different SOAR vendors

Not Ideal For

Teams seeking a deployable SOAR platform with out-of-the-box automation
Organizations requiring real-time, vendor-neutral performance benchmarks or critical reviews
Projects needing hands-on technical support or detailed implementation guides for a specific tool
Security professionals looking for the absolute latest market updates post-2020

Pros & Cons

Pros

Comprehensive Resource Aggregation

Curates a wide range of materials from global standards like NIST to playbook templates and automation scripts, saving significant research time as highlighted in the README's structured sections.

Detailed Vendor Directory

Provides extensive listings for commercial, open-source, and SIEM-integrated SOAR solutions, including support links, community forums, and documentation, as seen in the SOAR-Solutions categories with sub-links.

Learning and Community Focus

Includes articles, presentations, training courses, and user communities like the SOAR Telegram Group, facilitating continuous education and collaboration for security teams.

Open Knowledge Sharing

Built on open principles with contribution guidelines, encouraging community updates and reducing vendor lock-in by highlighting multiple solutions.

Cons

Potentially Outdated Information

Many linked resources, such as market research from 2019-2020, may not reflect the current SOAR landscape, risking obsolete advice for fast-evolving tools.

Lacks Critical Analysis

Serves as a link repository without editorial comparisons or performance evaluations, forcing users to independently assess tools despite the curated structure.

Inconsistent Vendor Coverage

Some vendor entries have incomplete or missing links (e.g., 'Not Available' for support or forums), reducing utility for thorough evaluation and indicating curation gaps.

Frequently Asked Questions

Related Projects

Awesome Pentest

A collection of awesome penetration testing resources, tools and other shiny things

Stars26,423

Forks4,842

Last commit4 months ago

Awesome Hacking

A curated list of awesome Hacking tutorials, tools and resources

Stars16,539

Forks1,693

Last commit2 years ago

Awesome Malware Analysis

Defund the Police.

Stars13,866

Forks2,668