<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1,user-scalable=no" /> <link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png" /> <link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png" /> <link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png" /> <link rel="mask-icon" href="/safari-pinned-tab.svg" color="#e2003b" /> <meta name="msapplication-TileColor" content="#b91d47" /> <meta name="theme-color" content="#33383f" /> <title>Leadership Compass: Security Orchestration Automation and Response (SOAR)</title> <meta name="description" content="This report provides an overview of the SOAR market and a compass to help you find a solution that best meets your needs. We examine the SOAR market segment, product/service functionality,..."/> <meta property="og:locale" content="en_US"> <meta property="og:site_name" content="KuppingerCole"/> <meta property="og:title" content="Leadership Compass: Security Orchestration Automation and Response (SOAR)"/> <meta property="og:description" content="This report provides an overview of the SOAR market and a compass to help you find a solution that best meets your needs. We examine the SOAR market segment, product/service functionality,..."/> <meta property="og:image" content="https://www.kuppingercole.com/pics/leadership-compass.jpg"/> <meta property="og:image:type" content="image/jpeg"/> <meta property="og:image:width" content="1000"/> <meta property="og:image:height" content="563"/> <meta property="og:type" content="website"> <meta name="twitter:card" content="summary"/> <meta name="twitter:site" content="@kuppingercole"/> <meta name="twitter:url" content="https://www.kuppingercole.com/reprints/e51fa20f25870cf09c98709b25ad0ed9"/> <meta name="twitter:title" content="Leadership Compass: Security Orchestration Automation and Response (SOAR)"/> <meta name="twitter:description" content="This report provides an overview of the SOAR market and a compass to help you find a solution that best meets your needs. We examine the SOAR market segment, product/service functionality,..."/> <meta name="twitter:image" content="https://www.kuppingercole.com/pics/leadership-compass.jpg"/> <meta name="twitter:creator" content="@kuppingercole"/> <link rel="search" href="/search.osd" type="application/opensearchdescription+xml" title="KuppingerCole" /> <link rel="alternate" href="https://feeds.feedburner.com/kuppingercole" type="application/rss+xml" title="KuppingerCole Analysts News"/> <link rel="alternate" href="https://media.kuppingercole.com/audio.xml" type="application/rss+xml" title="KuppingerCole Analysts Podcast" /> <link rel="alternate" href="https://media.kuppingercole.com/video.xml" type="application/rss+xml" title="KuppingerCole Analysts Videos" /> <link rel="canonical" href="https://www.kuppingercole.com/research/lc80763/security-orchestration-automation-and-response-soar" /> <meta name="robots" content="noindex" /> <!-- OneTrust Cookies Consent Notice start for kuppingercole.com --> <script src="https://cdn.cookielaw.org/consent/27596a78-818c-476d-88aa-6213c4214830/otSDKStub.js" data-language="en" type="text/javascript" charset="UTF-8" data-domain-script="27596a78-818c-476d-88aa-6213c4214830" ></script> <script type="text/javascript"> function OptanonWrapper() { } </script> <!-- OneTrust Cookies Consent Notice end for kuppingercole.com --> <script> window.dataLayer = window.dataLayer || []; dataLayer.push({ 'brand': 'KuppingerCole', 'googleAccount': 'UA-275923-6', 'pageName': 'Leadership Compass: Security Orchestration Automation and Response (SOAR)', 'pageType': 'Research Page', }); </script> <script type="application/ld+json"> { "@context": "https://schema.org/", "@type": "Article", "headline": "Leadership Compass: Security Orchestration Automation and Response (SOAR)", "image": "https://www.kuppingercole.com/pics/leadership-compass.jpg", "keywords": "", "url": "/research/lc80763/security-orchestration-automation-and-response-soar", "datePublished": "2023-01-30", "dateCreated": "2023-01-30", "dateModified": "2024-10-14", "articleBody": "This report provides an overview of the SOAR market and a compass to help you find a solution that best meets your needs. We examine the SOAR market segment, product/service functionality, relative market share, and innovative approaches to providing SOAR solutions.", "author": { "@type": "Person", "name": "Alejandro Leal" } } </script> <link rel="stylesheet" href="/assets/mega.style.css?v=20.1"> <link rel="stylesheet" href="/assets/kc-new-website.style.min.css?v=11.25"> <link rel="stylesheet" href="/assets/kc-new-website.style.custom.css?v=11.25"> <link rel="stylesheet" href="/assets/toastify.min.css?v=2.1"> <link rel="stylesheet" href="/assets/member-area-dropdown.css?v=2.14"> </head> <body class="bg-grey-light dark:bg-grey-100 base-layout" style="overflow-x: hidden;"> <div class="mh-px-10 mh-pt-0 mh-header-footer-xl:mh-p-4 mh-ptop-6 mh-pb-0" id="header"> <div class="mh-flex mh-flex-row mh-justify-between mh-h-[84px] mh-header-footer-xl:mh-items-center mh-header-footer-xl:mh-h-max"> <a href="/" class="mh-min-w-[165px] mh-mt-10 mh-header-footer-xl:mh-hidden mh-block mh-header-footer-xl:mt-0 mh-header-footer-xl:min-w-[10px] mh-header-footer-xl:max-w-[132px] mh-header-footer-xl:h-max"> <img class="mh-block dark:hidden" src="/assets/logos/kclogo.svg" alt="" /> <img class="mh-hidden dark:block" src="/assets/logos/kclogo_dark.svg" alt="" /> </a> <a href="/" class="mh-xl:block mh-hidden"> <img width="48" height="48" class="mh-block dark:hidden " src="/assets/logos/kc-c.svg" alt="" /> <img width="48" height="48" class="mh-hidden dark:block " src="/assets/logos/kc-c.dark.svg" alt="" /> </a> <a href="/memberships" class="mh-button-red mh-h-min mh--mr-10 mh-header-footer-xl:mh-hidden"> <div>Become a Member</div> <div class="mh-ml-[5px] mh-h-[24px]"> <img src="/assets/icons/dark/UserAdd.svg" /> </div> </a> <div class="mh-flex-row mh-hidden mh-header-footer-xl:mh-flex mh-h-max"> <a href="/login" class="mh-mr-3 mh-flex mh-items-center mh-justify-center"> <div class="mh-mr-1"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/User.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/User.svg" alt="" /> </div> <p class="text-xs mh-text-grey-100 dark:text-white-85">Login</p> </a> <button class="mh-flex mh-items-center mh-justify-center mh-mr-3" onclick="toggleMobileSearch(event)"> <div class="mh-h-[22px] mh-w-[22px] mh-flex cursor-pointer mh-mr-1" > <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/Search.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/Search.svg" alt="" /> </div> <p class="text-xs mh-text-grey-100 dark:text-white-85">Search</p> </button> <div class="mh-h-[22px] mh-w-[22px] mh-flex cursor-pointer " onclick="toggleMobileMenu(event)"> <div class="mobile-menu-open"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/Menu.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/Menu.svg" alt="" /> </div> <div class="mobile-menu-close mh-hidden"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/Close.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/Close.svg" alt="" /> </div> </div> </div> </div> <div class="mh-flex mh-flex-row mh-justify-between mh-header-footer-xl:mh-hidden"> <div class="mh-flex mh-flex-row"> <div> <div class="mh-px-6 mh-py-2 hover:bg-black-100 hover:text-white-100 cursor-default text-grey-100 dark:text-white-85 font-interstate font-normal" data-toggle-mega-menu="#InsightsID" data-custom-element=""> <div class="mh-text-button">Insights</div> </div> </div> <div> <div class="mh-px-6 mh-py-2 hover:bg-black-100 hover:text-white-100 cursor-default text-grey-100 dark:text-white-85 font-interstate font-normal" data-toggle-mega-menu="#ResearchID" data-custom-element=""> <div class="mh-text-button">Research</div> </div> </div> <div> <div class="mh-px-6 mh-py-2 hover:bg-black-100 hover:text-white-100 cursor-default text-grey-100 dark:text-white-85 font-interstate font-normal" data-toggle-mega-menu="#AdvisoryID" data-custom-element=""> <div class="mh-text-button">Advisory</div> </div> </div> <div> <div class="mh-px-6 mh-py-2 hover:bg-black-100 hover:text-white-100 cursor-default text-grey-100 dark:text-white-85 font-interstate font-normal" data-toggle-mega-menu="#EventsID" data-custom-element=""> <div class="mh-text-button">Events</div> </div> </div> <div> <div class="mh-px-6 mh-py-2 hover:bg-black-100 hover:text-white-100 cursor-default text-grey-100 dark:text-white-85 font-interstate font-normal" data-toggle-mega-menu="#VideosID" data-custom-element=""> <div class="mh-text-button">Videos</div> </div> </div> <div> <div class="mh-px-6 mh-py-2 hover:bg-black-100 hover:text-white-100 cursor-default text-grey-100 dark:text-white-85 font-interstate font-normal" data-toggle-mega-menu="#MembershipID" data-custom-element=""> <div class="mh-text-button">Membership</div> </div> </div> <div> <div class="mh-px-6 mh-py-2 hover:bg-black-100 hover:text-white-100 cursor-default text-grey-100 dark:text-white-85 font-interstate font-normal" data-toggle-mega-menu="#OpenSelectID" data-custom-element=""> <div class="mh-text-button">KC&nbsp;Open&nbsp;Select</div> </div> </div> <div> <div class="mh-px-6 mh-py-2 hover:bg-black-100 hover:text-white-100 cursor-default text-grey-100 dark:text-white-85 font-interstate font-normal" data-toggle-mega-menu="#CompanyID" data-custom-element=""> <div class="mh-text-button">Company</div> </div> </div> </div> <div class="mh-flex mh-flex-row"> <a class="no-underline mh-text-grey-100 dark:text-white-85 mh-h-10 w-max text-paragraph-big header-footer-lg:text-paragraph-regular mh-flex items-center mh-justify-center mh-ml-10 header-footer-lg:ml-5" href="/login"> Login <div class="mh-ml-3 hide-items-on-break"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/User.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/User.svg" alt="" /> </div> </a> <a class="no-underline mh-text-grey-100 dark:text-white-85 mh-h-10 w-max text-paragraph-big header-footer-lg:text-paragraph-regular mh-flex items-center mh-justify-center mh-ml-10 header-footer-lg:ml-5 cursor-pointer" data-toggle-search-on-click="#search"> Search <div class="mh-ml-3 hide-items-on-break"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/Search.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/Search.svg" alt="" /> </div> </a> </div> </div> </div> <div class="mh-hidden mh-flex-col mh-h-dvh mh-pb-12" id="mobile-menu"> <div class="mh-flex mh-w-full mh-h-full mh-flex-col mh-pb-16 mh-z-menu-50 mh-overflow-y-auto"> <div> <details class="mh-bg-grey-light open:bg-white-100 dark:bg-grey-100 dark:open:bg-black-20-solid" onclick="event.currentTarget.classList.toggle('summary-open')"> <summary class="list-none"> <div class="mh-px-6 mh-py-7 mh-flex flex-row mh-justify-between mh-items-center cursor-pointer"> <span class="mh-text-button text-color-default">Insights</span> <div class="summary-visible-open"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/ChevronUp.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/ChevronUp.svg" alt="" /> </div> <div class="summary-visible-closed"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/ChevronDown.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/ChevronDown.svg" alt="" /> </div> </div> </summary> <div class="mh-px-10 mt-pt-1 mh-pb-10 mh-flex mh-flex-col"> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/insights/customer-identity-and-access-management">Customer Identity & Access Management</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/insights/decentralized-identity">Decentralized Identity</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/insights/fraud-prevention">Fraud Prevention</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/insights/identity-and-access-management">Identity & Access Management</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/insights/identity-governance-and-administration">Identity Governance and Administration</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/insights/passwordless-authentication">Passwordless Authentication</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/insights/privileged-access-management">Privileged Access Management</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/insights/zero-trust">Zero Trust</a> </div> </details> </div> <div> <details class="mh-bg-grey-light open:bg-white-100 dark:bg-grey-100 dark:open:bg-black-20-solid" onclick="event.currentTarget.classList.toggle('summary-open')"> <summary class="list-none"> <div class="mh-px-6 mh-py-7 mh-flex flex-row mh-justify-between mh-items-center cursor-pointer"> <span class="mh-text-button text-color-default">Research</span> <div class="summary-visible-open"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/ChevronUp.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/ChevronUp.svg" alt="" /> </div> <div class="summary-visible-closed"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/ChevronDown.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/ChevronDown.svg" alt="" /> </div> </div> </summary> <div class="mh-px-10 mt-pt-1 mh-pb-10 mh-flex mh-flex-col"> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/research?f=leadershipcompass">Leadership Compass</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/research?f=whitepaper">Whitepaper</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/research?f=executiveview">Executive View</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/research?f=advisorynote">Advisory Note</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/research?f=leadershipbrief">Leadership Brief</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/research?f=buyerscompass">Buyer's Compass</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/research?f=risingstar">Rising Star</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/blog">Blog</a> </div> </details> </div> <div> <details class="mh-bg-grey-light open:bg-white-100 dark:bg-grey-100 dark:open:bg-black-20-solid" onclick="event.currentTarget.classList.toggle('summary-open')"> <summary class="list-none"> <div class="mh-px-6 mh-py-7 mh-flex flex-row mh-justify-between mh-items-center cursor-pointer"> <span class="mh-text-button text-color-default">Advisory</span> <div class="summary-visible-open"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/ChevronUp.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/ChevronUp.svg" alt="" /> </div> <div class="summary-visible-closed"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/ChevronDown.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/ChevronDown.svg" alt="" /> </div> </div> </summary> <div class="mh-px-10 mt-pt-1 mh-pb-10 mh-flex mh-flex-col"> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/advisory">Advisory Services</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/people">Meet our Advisors</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/advisory#navigator">Strategy Navigator</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/advisory#success-stories">Success Stories</a> </div> </details> </div> <div> <details class="mh-bg-grey-light open:bg-white-100 dark:bg-grey-100 dark:open:bg-black-20-solid" onclick="event.currentTarget.classList.toggle('summary-open')"> <summary class="list-none"> <div class="mh-px-6 mh-py-7 mh-flex flex-row mh-justify-between mh-items-center cursor-pointer"> <span class="mh-text-button text-color-default">Events</span> <div class="summary-visible-open"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/ChevronUp.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/ChevronUp.svg" alt="" /> </div> <div class="summary-visible-closed"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/ChevronDown.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/ChevronDown.svg" alt="" /> </div> </div> </summary> <div class="mh-px-10 mt-pt-1 mh-pb-10 mh-flex mh-flex-col"> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/events/eic2025">EIC 2025</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/events/ifid2025">Identity Fabric ID 2025</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/webinars">Webinars</a> </div> </details> </div> <div> <details class="mh-bg-grey-light open:bg-white-100 dark:bg-grey-100 dark:open:bg-black-20-solid" onclick="event.currentTarget.classList.toggle('summary-open')"> <summary class="list-none"> <div class="mh-px-6 mh-py-7 mh-flex flex-row mh-justify-between mh-items-center cursor-pointer"> <span class="mh-text-button text-color-default">Videos</span> <div class="summary-visible-open"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/ChevronUp.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/ChevronUp.svg" alt="" /> </div> <div class="summary-visible-closed"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/ChevronDown.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/ChevronDown.svg" alt="" /> </div> </div> </summary> <div class="mh-px-10 mt-pt-1 mh-pb-10 mh-flex mh-flex-col"> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/videos">All latest videos</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/videos/cyberevolution2024">cyberevolution 2024</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/videos/eic2024">European Identity and Cloud Conference 2024</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/videos/webinars">KuppingerCole Webinars</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/videos/analystchat">KuppingerCole Analyst Chat</a> </div> </details> </div> <div> <details class="mh-bg-grey-light open:bg-white-100 dark:bg-grey-100 dark:open:bg-black-20-solid" onclick="event.currentTarget.classList.toggle('summary-open')"> <summary class="list-none"> <div class="mh-px-6 mh-py-7 mh-flex flex-row mh-justify-between mh-items-center cursor-pointer"> <span class="mh-text-button text-color-default">Membership</span> <div class="summary-visible-open"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/ChevronUp.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/ChevronUp.svg" alt="" /> </div> <div class="summary-visible-closed"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/ChevronDown.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/ChevronDown.svg" alt="" /> </div> </div> </summary> <div class="mh-px-10 mt-pt-1 mh-pb-10 mh-flex mh-flex-col"> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/memberships">About</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/memberships/single#single-user">Professional</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/memberships/single#single-user">Expert</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/memberships/teams#for-teams">Corporate</a> </div> </details> </div> <div> <details class="mh-bg-grey-light open:bg-white-100 dark:bg-grey-100 dark:open:bg-black-20-solid" onclick="event.currentTarget.classList.toggle('summary-open')"> <summary class="list-none"> <div class="mh-px-6 mh-py-7 mh-flex flex-row mh-justify-between mh-items-center cursor-pointer"> <span class="mh-text-button text-color-default">KC&nbsp;Open&nbsp;Select</span> <div class="summary-visible-open"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/ChevronUp.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/ChevronUp.svg" alt="" /> </div> <div class="summary-visible-closed"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/ChevronDown.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/ChevronDown.svg" alt="" /> </div> </div> </summary> <div class="mh-px-10 mt-pt-1 mh-pb-10 mh-flex mh-flex-col"> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/open-select/pbam">Policy Based Access Management</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/open-select/isiem">Intelligent SIEM Platforms</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/open-select/datagov">Data Governance</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/open-select/cnapp">Cloud-Native Application Protection Platforms</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/open-select/ztna">Zero Trust Network Access</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/open-select/uem">Unified Endpoint Management</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/open-select/asm">Attack Surface Management</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/open-select/apisec">API Security & Management</a> </div> </details> </div> <div> <details class="mh-bg-grey-light open:bg-white-100 dark:bg-grey-100 dark:open:bg-black-20-solid" onclick="event.currentTarget.classList.toggle('summary-open')"> <summary class="list-none"> <div class="mh-px-6 mh-py-7 mh-flex flex-row mh-justify-between mh-items-center cursor-pointer"> <span class="mh-text-button text-color-default">Company</span> <div class="summary-visible-open"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/ChevronUp.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/ChevronUp.svg" alt="" /> </div> <div class="summary-visible-closed"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/ChevronDown.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/ChevronDown.svg" alt="" /> </div> </div> </summary> <div class="mh-px-10 mt-pt-1 mh-pb-10 mh-flex mh-flex-col"> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/about">About us</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/#success-stories">Success Stories</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/people">People</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/jobs">Jobs</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/newsroom">Newsroom</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/cybersecurity-council">Cybersecurity Council</a> <a class="mh-text-button text-color-default mh-mt-7 first:mt-0" href="/contact">Contact us</a> </div> </details> </div> <div class="mh-h-full mh-bg-grey-light dark:bg-grey-100 mh-w-full"></div> </div> <a href="/memberships" class="mh-button-red mh-w-full mh-absolute mh-bottom-0 mh-z-menu-50"> <div>Become a Member</div> </a> </div> <div class="mh-hidden mh-w-full mh-h-max bg-white-100 dark:bg-grey-100 mh-flex-col mh-px-10 py-6 mh-absolute mh-z-menu-20" style="box-shadow: 0px 10px 20px -2px rgba(0, 0, 0, 0.1)" id="mega-menu"> <div> </div> <div> <div class="mh-hidden mh-flex-row mh-flex-nowrap mh-w-full" id="InsightsID"> <div class="pr-10 flex mh-flex-col"> <div class="text-paragraph-big mb-6 text-grey-60 dark:text-white-60">Insights</div> <div> <a href="/insights/customer-identity-and-access-management" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-InsightsID-sub-Insights35" > Customer Identity & Access Management </a> </div> <div> <a href="/insights/decentralized-identity" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-InsightsID-sub-Insights20" > Decentralized Identity </a> </div> <div> <a href="/insights/fraud-prevention" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-InsightsID-sub-Insights33" > Fraud Prevention </a> </div> <div> <a href="/insights/identity-and-access-management" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-InsightsID-sub-Insights1" > Identity & Access Management </a> </div> <div> <a href="/insights/identity-governance-and-administration" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-InsightsID-sub-Insights27" > Identity Governance and Administration </a> </div> <div> <a href="/insights/passwordless-authentication" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-InsightsID-sub-Insights30" > Passwordless Authentication </a> </div> <div> <a href="/insights/privileged-access-management" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-InsightsID-sub-Insights23" > Privileged Access Management </a> </div> <div> <a href="/insights/zero-trust" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-InsightsID-sub-Insights24" > Zero Trust </a> </div> <a href="/insights" class="mh-button-red" style="margin-top: auto;"> <div>See all insights</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> <div class="mh-w-full"> <div> <div class="mh-hidden mh-w-full" id="mega-menu-InsightsID-sub-Insights35"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/open-select/ciam" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/consumeriam.jpg" alt="Customer Identity and Access Management" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Open Select</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Customer Identity and Access Management </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> CIAM solutions are designed to address consumer/customer IAM scenarios that differ from traditional workforce use cases. CIAM systems allow users to register, associate device and other digital identities, authenticate, authorize, collect, and store information about consumers from across many </div> </div> </a> </div> <div> <a href="/blog/eic-2024-dont-miss-these-highlight-sessions" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2024_eic_1000x563px_martins-highlights.jpg" alt="EIC 2024: Don’t Miss These Highlight Sessions" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Blog</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> EIC 2024: Don’t Miss These Highlight Sessions </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> The European Identity and Cloud Conference 2024 is approaching. Only three more months until EIC 2024 launches in Berlin, June 4th to June 7th. </div> </div> </a> </div> <div> <a href="/research/ev81349/ping-identity-workforce-identity-governance" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/executive-view.jpg" alt="Ping Identity Workforce Identity Governance" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Executive View</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Ping Identity Workforce Identity Governance </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> This KuppingerCole Executive View report looks at the Ping Identity (former ForgeRock) Workforce Identity Governance solution, which combines enterprise identity governance with access management to manage the complete identity lifecycle within a single platform. </div> </div> </a> </div> </div> </div> </div> <div> <div class="mh-hidden mh-w-full" id="mega-menu-InsightsID-sub-Insights20"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/watch/eic-decentralized-identity-solutions" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2024_eic_webinar_bigpicture_1280x720px.jpg" alt="Road to EIC: Exploring the Power of Decentralized Identity Solutions" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Webinar Recording</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Road to EIC: Exploring the Power of Decentralized Identity Solutions </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Join us for this &ldquo;Road to EIC&rdquo; virtual fireside chat, where we&nbsp;will&nbsp;discuss whether&nbsp;decentralized&nbsp;identity will revolutionize the way we deal with identities.&nbsp;Together with our guests, we will give you a taste of the much larger discussions to be held at </div> </div> </a> </div> <div> <a href="/blog/eic-2024-dont-miss-these-highlight-sessions" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2024_eic_1000x563px_martins-highlights.jpg" alt="EIC 2024: Don’t Miss These Highlight Sessions" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Blog</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> EIC 2024: Don’t Miss These Highlight Sessions </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> The European Identity and Cloud Conference 2024 is approaching. Only three more months until EIC 2024 launches in Berlin, June 4th to June 7th. </div> </div> </a> </div> <div> <a href="/research/an80858/how-enterprises-will-learn-to-love-decentralized-ids-the-roles-of-distributed-and-sovereign-identiti" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/advisory-note.jpg" alt="How Enterprises Will Learn to Love Decentralized IDs: The Roles of Distributed and Sovereign Identities in Our Private Metaverse" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Advisory Note</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> How Enterprises Will Learn to Love Decentralized IDs: The Roles of Distributed and Sovereign Identities in Our Private Metaverse </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Recently, Meta CEO Mark Zuckerberg demonstrated in captivating detail a working beta version of photorealistic—or rather, video realistic—avatars in the metaverse. Zuckerberg also claims that this technology will begin rolling out this year (2023) and will be at a consumer price point by the end of </div> </div> </a> </div> </div> </div> </div> <div> <div class="mh-hidden mh-w-full" id="mega-menu-InsightsID-sub-Insights33"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/open-select/frip" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/fraudprevention.jpg" alt="Fraud Reduction Intelligence Platforms" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Open Select</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Fraud Reduction Intelligence Platforms </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> The Fraud Reduction Intelligence Platform market is mature and still growing in response to increased fraud risk levels globally. </div> </div> </a> </div> <div> <a href="/blog/the-identity-wallet-distraction-refocusing-on-ironclad-authentication" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2024_eic_1000x563px_blog-paul.jpg" alt="The Identity Wallet Distraction: Refocusing on Ironclad Authentication" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Blog</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> The Identity Wallet Distraction: Refocusing on Ironclad Authentication </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> In the ever-evolving landscape of cybersecurity, Identity and Access Management (IAM) stands as the cornerstone of enterprise security strategies. As security and IT professionals, our focus continually shifts to adapt to the latest innovations designed to fortify our defenses. </div> </div> </a> </div> <div> <a href="/watch/cyber-defense-siem-platforms" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2024_webinar_bigpicture_1280x720px_mar7.jpg" alt="Proactive Cyber Defense with Intelligent SIEM Platforms" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Webinar Recording</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Proactive Cyber Defense with Intelligent SIEM Platforms </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Security information and event management (SIEM) solutions have dominated the enterprise security market for nearly two decades, but due to high operating costs, a shortage of skilled security experts, and the rapid pace of change in the business IT and cyber threat environments, traditional SIEMs </div> </div> </a> </div> </div> </div> </div> <div> <div class="mh-hidden mh-w-full" id="mega-menu-InsightsID-sub-Insights1"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/blog/the-identity-wallet-distraction-refocusing-on-ironclad-authentication" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2024_eic_1000x563px_blog-paul.jpg" alt="The Identity Wallet Distraction: Refocusing on Ironclad Authentication" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Blog</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> The Identity Wallet Distraction: Refocusing on Ironclad Authentication </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> In the ever-evolving landscape of cybersecurity, Identity and Access Management (IAM) stands as the cornerstone of enterprise security strategies. As security and IT professionals, our focus continually shifts to adapt to the latest innovations designed to fortify our defenses. </div> </div> </a> </div> <div> <a href="/watch/eic-digital-identity-standards" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2024_eic_webinar_bigpicture_1280x720px.jpg" alt="Road to EIC: What’s Next in Digital Identity Standards?" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Webinar Recording</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Road to EIC: What’s Next in Digital Identity Standards? </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> As the digital realm evolves rapidly, the importance of robust and secure identity verification mechanisms becomes paramount.&nbsp;Standards in digital identity&nbsp;help&nbsp;establish&nbsp;secure authentication methods and protocols to safeguard user information&nbsp;by offering frameworks that </div> </div> </a> </div> <div> <a href="/research/s80881/cybersecurity-iam-2023-in-numbers" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2023-in-numbers.jpg" alt="Cybersecurity & IAM:​ 2023 in Numbers" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Survey</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Cybersecurity & IAM:​ 2023 in Numbers </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Significant advancements happened in identity and access management (IAM) and cybersecurity in 2023. For most organizations, it has become more and more important to strengthen cybersecurity and optimize IAM procedures as they continue to traverse the challenges of digital transformation. This </div> </div> </a> </div> </div> </div> </div> <div> <div class="mh-hidden mh-w-full" id="mega-menu-InsightsID-sub-Insights27"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/open-select/iga" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/decentralized-identity.jpg" alt="Identity Governance & Administration" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Open Select</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Identity Governance & Administration </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Identity Governance and Administration refers to the increasingly integrated Identity Lifecycle Management and Access Governance markets. </div> </div> </a> </div> <div> <a href="/watch/iga-migration" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2023_webinar_bigpicture_1280x720px_jan18.jpg" alt="SAP IDM End of Life: Die IGA-Migration souverän meistern" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Webinar Recording</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> SAP IDM End of Life: Die IGA-Migration souverän meistern </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> KuppingerCole Lead Advisor Dr. Phillip Messerschmidt wird die Besonderheiten im SAP-Umfeld und SAP- IdM in einem kurzen &Uuml;berblick beleuchten. Au&szlig;erdem wird er aufzeigen, welche Herausforderungen sich bei der Migration einer IGA-L&ouml;sung ergeben. Dabei liegt ein besonderes </div> </div> </a> </div> <div> <a href="/research/ev81350/evolveum-midpoint-4-8-release" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/executive-view.jpg" alt="Evolveum MidPoint 4.8 Release" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Executive View</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Evolveum MidPoint 4.8 Release </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> This KuppingerCole Executive View looks at the new features in release 4.8 of Evolveum’s midPoint IGA platform. Evolveum continues to innovate midPoint by introducing new features around advanced analytics, role mining and self-service support. A technical overview of the overall midPoint’s </div> </div> </a> </div> </div> </div> </div> <div> <div class="mh-hidden mh-w-full" id="mega-menu-InsightsID-sub-Insights30"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/open-select/passwordless" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/passwordless.jpg" alt="Passwordless Authentication" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Open Select</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Passwordless Authentication </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> It is essential for organizations to choose the right passwordless solution that meets their unique requirements and needs around security, user experience, and technology stack. </div> </div> </a> </div> <div> <a href="/blog/navigating-the-identity-landscape-in-the-era-of-internet-connected-devices-challenges-and-solutions" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2024_eic_1000x563px_warwick-blog.jpg" alt="Navigating the Identity Landscape in the Era of Internet-Connected Devices: Challenges and Solutions" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Blog</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Navigating the Identity Landscape in the Era of Internet-Connected Devices: Challenges and Solutions </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Standfirst: Identity Management plays a crucial role in addressing IoT, IIoT, and IoMT challenges. Avoid the pitfalls by following some key security best practices. </div> </div> </a> </div> <div> <a href="/watch/identity-as-a-service" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2024_webinar_bigpicture_1280x720px_feb22.jpg" alt="The Rise of Identity as a Service (IDaaS) as the Cornerstone of Modern Cybersecurity" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Webinar Recording</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> The Rise of Identity as a Service (IDaaS) as the Cornerstone of Modern Cybersecurity </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> While organizations can tackle these challenges separately, they can save resources by opting for an Identity-as-a-Service (IDaaS) solution, which gives them everything they need for robust identity management and authentication processes in one solution. Join us as we dive into the nuanced </div> </div> </a> </div> </div> </div> </div> <div> <div class="mh-hidden mh-w-full" id="mega-menu-InsightsID-sub-Insights23"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/open-select/pam" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/privilegedaccess.jpg" alt="Privileged Access Management" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Open Select</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Privileged Access Management </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Privileged Access Management (PAM), over the last few years, has evolved into a set of crucial technologies that address some of the most urgent areas of Cybersecurity today. </div> </div> </a> </div> <div> <a href="/watch/is-the-future-really-password-free-cre23" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2023_cyberevolution_holzinger.jpg" alt="Is the future really password-free and is it worth using a PAM solution?" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Event Recording</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Is the future really password-free and is it worth using a PAM solution? </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Comprehensive protection of networks, system infrastructures, hardware and software, applications and data is part of every cyber security strategy. But what does this actually mean for identity and access management?&nbsp;Unloved for many years and repeatedly declared dead: passwords. Large IT </div> </div> </a> </div> <div> <a href="/research/ev81343/nri-secure-uni-id-libra-2-7" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/executive-view.jpg" alt="NRI Secure Uni-ID Libra 2.7" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Executive View</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> NRI Secure Uni-ID Libra 2.7 </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Consumer Identity and Access Management (CIAM) continues to be a growing market year over year, offering a better user experience for the consumer and new challenges for the organization. With a focus on the Japanese market, the updated NRI Secure’s Uni-ID Libra v2.7 continues to provide innovative </div> </div> </a> </div> </div> </div> </div> <div> <div class="mh-hidden mh-w-full" id="mega-menu-InsightsID-sub-Insights24"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/open-select/ztna" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/zerotrust.jpg" alt="Zero Trust Network Access" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Open Select</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Zero Trust Network Access </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Zero Trust Network Access (ZTNA) is becoming increasingly essential as organizations adapt to remote work, cloud adoption, and the growing sophistication of cyber threats. </div> </div> </a> </div> <div> <a href="/blog/navigating-the-identity-landscape-in-the-era-of-internet-connected-devices-challenges-and-solutions" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2024_eic_1000x563px_warwick-blog.jpg" alt="Navigating the Identity Landscape in the Era of Internet-Connected Devices: Challenges and Solutions" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Blog</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Navigating the Identity Landscape in the Era of Internet-Connected Devices: Challenges and Solutions </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Standfirst: Identity Management plays a crucial role in addressing IoT, IIoT, and IoMT challenges. Avoid the pitfalls by following some key security best practices. </div> </div> </a> </div> <div> <a href="/research/an80853/maturity-level-for-zero-trust-a-comprehensive-analysis" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/advisory-note.jpg" alt="Maturity Level for Zero Trust: A Comprehensive Analysis" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Advisory Note</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Maturity Level for Zero Trust: A Comprehensive Analysis </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> This Advisory Note explores the fundamental principles of Zero Trust, emphasizing its significance in modern cybersecurity. It discusses the Department of Defense (DoD) Zero Trust Strategy and introduces the 5+2 approach to address implementation challenges. With a focus on bridging the gap between </div> </div> </a> </div> </div> </div> </div> </div> </div> </div> <div> <div class="mh-hidden mh-flex-row mh-flex-nowrap mh-w-full" id="ResearchID"> <div class="pr-10 flex mh-flex-col"> <div class="text-paragraph-big mb-6 text-grey-60 dark:text-white-60">Research</div> <div> <a href="/research?f=leadershipcompass" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-ResearchID-sub-Research1" > Leadership Compass </a> </div> <div> <a href="/research?f=whitepaper" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-ResearchID-sub-Research2" > Whitepaper </a> </div> <div> <a href="/research?f=executiveview" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-ResearchID-sub-Research3" > Executive View </a> </div> <div> <a href="/research?f=advisorynote" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-ResearchID-sub-Research4" > Advisory Note </a> </div> <div> <a href="/research?f=leadershipbrief" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-ResearchID-sub-Research5" > Leadership Brief </a> </div> <div> <a href="/research?f=buyerscompass" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-ResearchID-sub-Research6" > Buyer's Compass </a> </div> <div> <a href="/research?f=risingstar" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-ResearchID-sub-Research7" > Rising Star </a> </div> <div> <a href="/blog" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-ResearchID-sub-Research8" > Blog </a> </div> <a href="/research" class="mh-button-red" style="margin-top: auto;"> <div>See all research</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> <div class="mh-w-full"> <div> <div class="mh-hidden mh-w-full" id="mega-menu-ResearchID-sub-Research1"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/research/lc80923/extended-detection-and-response-xdr" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/leadership-compass.jpg" alt="eXtended Detection and Response (XDR)" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Dec 05, 2024</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> eXtended Detection and Response (XDR) </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> This report provides an overview of the eXtended Detection & Response (XDR) market and a compass to help you find a solution that best meets your needs. It examines solutions that provide comprehensive observability and remediation capabilities across both endpoints and networks, including cloud </div> </div> </a> </div> <div> <a href="/research/lc80891/cloud-security-posture-management-cspm" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/leadership-compass.jpg" alt="Cloud Security Posture Management (CSPM)" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Dec 04, 2024</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Cloud Security Posture Management (CSPM) </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> The KuppingerCole Leadership Compass on Cloud Security Posture Management (CSPM) is an essential guide for IT professionals seeking to navigate the complexities of securing cloud environments in today’s rapidly evolving digital landscape. It offers a comprehensive analysis of the CSPM market, </div> </div> </a> </div> <div> <a href="/research/lc80866/managed-detection-and-response-mdr" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/leadership-compass.jpg" alt="Managed Detection and Response (MDR)" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Dec 04, 2024</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Managed Detection and Response (MDR) </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> This KuppingerCole Leadership Compass provides an overview of the Managed Detection and Response (MDR) market. It examines solutions that detect, analyze, investigate, and respond to cybersecurity threats quickly and efficiently, including Security Operations Center as a Service (SOCaaS) solutions </div> </div> </a> </div> </div> </div> </div> <div> <div class="mh-hidden mh-w-full" id="mega-menu-ResearchID-sub-Research2"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/research/wp81369/how-to-make-ciam-a-success" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/whitepaper.jpg" alt="How to Make CIAM a Success" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Jan 20, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> How to Make CIAM a Success </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Customer Identity and Access Management (CIAM) enhances security and user experience through seamless authentication, compliance, and privacy controls. It reduces costs, strengthens security, and improves conversion rates by minimizing friction. Strategic planning addresses challenges like </div> </div> </a> </div> <div> <a href="/research/wp81376/cidaas-auth-manager" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/whitepaper.jpg" alt="cidaas Auth Manager" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Nov 12, 2024</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> cidaas Auth Manager </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> In today's digital landscape, it is critical for every organization to have an agile and modern Identity and Access Management (IAM) solution. By providing complete visibility into who accesses what, when and how, modern IAM platforms enable organizations to better manage and mitigate risk. cidaas </div> </div> </a> </div> <div> <a href="/research/wp81373/guidance-on-implementing-verifiable-credential-issuance" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/whitepaper.jpg" alt="Guidance on Implementing Verifiable Credential Issuance" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Nov 05, 2024</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Guidance on Implementing Verifiable Credential Issuance </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> The organization interacts with many users including employees, customers, suppliers, and contractors. In order to flexibly and securely handle the variety of each user’s digital journey in an interoperable way, organizations must shift to more user-controlled methods. OpenID for Verifiable </div> </div> </a> </div> </div> </div> </div> <div> <div class="mh-hidden mh-w-full" id="mega-menu-ResearchID-sub-Research3"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/research/ev81368/whiteswan-identity-security-platform" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/executive-view.jpg" alt="Whiteswan Identity Security Platform" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Jan 23, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Whiteswan Identity Security Platform </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> This KuppingerCole Executive View report looks at the issues and options available to IT managers and security strategists to manage identity access to complex IT infrastructures. A technical review of the Whiteswan Identity Security platform is included. </div> </div> </a> </div> <div> <a href="/research/ev81383/microsoft-entra-suite" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/executive-view.jpg" alt="Microsoft Entra Suite" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Jan 15, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Microsoft Entra Suite </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> This KuppingerCole Executive View looks at the Microsoft Entra Suite, a complete Zero Trust user access solution to secure employee access across the organization. The Microsoft Entra Suite takes an identity-centric zero trust approach to applying adaptive access policies to protect all employee </div> </div> </a> </div> <div> <a href="/research/ev81379/kela-cyber-threat-intelligence-platform" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/executive-view.jpg" alt="KELA Cyber Threat Intelligence Platform" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Dec 12, 2024</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> KELA Cyber Threat Intelligence Platform </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> KELA Cyber Threat Intelligence Platform scans the environments where cybercriminal activities are most prevalent for intelligence that helps defend against emerging threats, leveraging both automation and expert analysis. The modular platform offers extensive capabilities — such as attack surface </div> </div> </a> </div> </div> </div> </div> <div> <div class="mh-hidden mh-w-full" id="mega-menu-ResearchID-sub-Research4"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/research/an80844/comparison-of-national-cloud-security-standards" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/advisory-note.jpg" alt="Comparison of National Cloud Security Standards" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Feb 17, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Comparison of National Cloud Security Standards </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Regulatory frameworks are being developed to establish minimum security standards. They recommend data protection measures, support risk mitigation, and help ensure that cloud service providers (CSP) remain accountable and comply with cybersecurity requirements and standards. Different regions </div> </div> </a> </div> <div> <a href="/research/an801040/understanding-china-s-approach-to-cyberspace-strategic-and-security-considerations-for-europe" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/advisory-note.jpg" alt="Understanding China’s Approach to Cyberspace: Strategic and Security Considerations for Europe" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Feb 10, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Understanding China’s Approach to Cyberspace: Strategic and Security Considerations for Europe </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> This Advisory Note provides an updated analysis of cyber risks associated with China, building on our 2023 report with new insights and perspectives. It examines China's cybersecurity policies, legal frameworks, and strategic objectives. Drawing on academic and policy publications, it explores </div> </div> </a> </div> <div> <a href="/research/an80976/machine-identities" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/advisory-note.jpg" alt="Machine Identities" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Jan 31, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Machine Identities </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Machine identities are an essential yet often overlooked component of organizational security. In an era where digital transformation and cloud computing have enabled a proliferation of applications, devices, and workloads, managing and securing machine identities has become critical.This report </div> </div> </a> </div> </div> </div> </div> <div> <div class="mh-hidden mh-w-full" id="mega-menu-ResearchID-sub-Research5"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/research/lb80977/session-hijacking-threats-and-prevention" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/leadership-brief.jpg" alt="Session Hijacking: Threats and Prevention" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Jan 31, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Session Hijacking: Threats and Prevention </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Session hijacking is a common means by which attackers gain illegal access to victims’ data and resources. It involves taking over users’ sessions and/or capturing valid tokens. These methods are used to perpetrate fraud and exfiltrate data. </div> </div> </a> </div> <div> <a href="/research/lb80817/why-vulnerability-management-is-a-strategic-investment" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/leadership-brief.jpg" alt="Why Vulnerability Management Is a Strategic Investment" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Nov 04, 2022</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Why Vulnerability Management Is a Strategic Investment </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Considering that the threat landscape is constantly changing, it is important to maintain a strong cybersecurity foundation. Organizations need security hygiene standards to increase security and readiness while preventing vulnerabilities from being exploited by adversaries. By introducing a </div> </div> </a> </div> <div> <a href="/research/lb80820/managing-rdp-security-risks-to-block-ransomware-attacks" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/leadership-brief.jpg" alt="Managing RDP Security Risks to Block Ransomware Attacks" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Aug 30, 2022</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Managing RDP Security Risks to Block Ransomware Attacks </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Remote working is becoming widespread for social and economic reasons, and one of the key enablers is the Remote Desktop Protocol (RDP). However, RDP is one of the most popular initial cyber-attack vectors, which is all too often overlooked. This leadership brief details the security risks </div> </div> </a> </div> </div> </div> </div> <div> <div class="mh-hidden mh-w-full" id="mega-menu-ResearchID-sub-Research6"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/research/bc81037/saas-security-posture-management" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/buyers-compass.jpg" alt="SaaS Security Posture Management" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Jan 27, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> SaaS Security Posture Management </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> SaaS Security Posture Management solutions are designed to continuously monitor, analyze, and improve the security posture of an organization’s SaaS applications. These solutions integrate with a range of SaaS platforms using APIs to provide visibility into risky configurations, user activity, data </div> </div> </a> </div> <div> <a href="/research/bc80782/managed-detection-response-mdr" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/buyers-compass.jpg" alt="Managed Detection & Response (MDR)" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Jan 27, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Managed Detection & Response (MDR) </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Managed Detection and Response (MDR) services offer a comprehensive approach to tackling cybersecurity challenges. By providing continuous monitoring, advanced threat detection, and incident response capabilities, MDR enables organizations to enhance their security posture without the need for </div> </div> </a> </div> <div> <a href="/research/bc80788/identity-governance-and-administration" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/buyers-compass.jpg" alt="Identity Governance and Administration" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Jan 15, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Identity Governance and Administration </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Identity and Access Governance as a core part of IGA is one of the key technologies within IAM for any organization. This is due to the massive impact of security and governance risks arising due to issues in managing access controls such as over-entitlements and gaps in enforcing the least </div> </div> </a> </div> </div> </div> </div> <div> <div class="mh-hidden mh-w-full" id="mega-menu-ResearchID-sub-Research7"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/research/rs81401/rising-star-privo" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/risingstar.jpg" alt="Rising Star PRIVO" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Feb 20, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Rising Star PRIVO </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> PRIVO stands out in privacy and consent management, specializing in minors' online protection. Offering solutions like Smart Age Gate and Minors Protection Registry, they enable organizations to meet regulatory needs like COPPA and GDPR. PRIVO leverages innovative, patented technologies for </div> </div> </a> </div> <div> <a href="/research/rs81422/rising-star-veza" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/risingstar.jpg" alt="Rising Star Veza" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Feb 20, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Rising Star Veza </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Veza's Access Platform enhances security by connecting identities to data, offering real-time analytics on permissions. Supporting over 250 integrations, it aids in mitigating risks related to over-privileged access and identity management. With innovative tools for monitoring and policy </div> </div> </a> </div> <div> <a href="/research/rs81409/rising-star-trua" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/risingstar.jpg" alt="Rising Star Trua" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Feb 14, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Rising Star Trua </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Trua leverages reusable verified identity, focusing on gig workers' privacy and compliance via user-held credentials. Their unique solution, TruaScore, mitigates onboarding costs and risks by offering tamper-proof identity sharing. Technological advancements, aligned with industry standards, </div> </div> </a> </div> </div> </div> </div> <div> <div class="mh-hidden mh-w-full" id="mega-menu-ResearchID-sub-Research8"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/blog/balaganski/strong-authentication-in-a-post-quantum-world" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2025_eic_blog-alexei_authentication_in_a_post-quantum_world.jpg" alt="Strong Authentication in a Post-Quantum World" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Feb 18, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Strong Authentication in a Post-Quantum World </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> The digital security apocalypse is looming, courtesy of quantum computing. Is your organization ready? As passwords cling to life, quantum computers threaten to dismantle existing encryption, rendering current authentication insufficient. Dive in to explore the dawn of post-quantum cryptography and </div> </div> </a> </div> <div> <a href="/blog/bailey/the-future-of-digital-travel-credentials-trust-adoption-and-the-eidas-20-framework" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2025_eic_blog-annie_digital-travel-credentials.jpg" alt="The Future of Digital Travel Credentials: Trust, Adoption, and the eIDAS 2.0 Framework" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Feb 07, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> The Future of Digital Travel Credentials: Trust, Adoption, and the eIDAS 2.0 Framework </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Step into the future of travel where digital identity technologies are reshaping cross-border experiences. Explore the rise of innovations like automated verification, while uncovering regional success stories like SITA and India's Digi Yatra. Discover how international collaboration could make </div> </div> </a> </div> <div> <a href="/blog/messerschmidt/what-can-the-identity-fabric-2025-update-teach-you-about-zero-trust-identity-security" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2025_eic_blog-phillip_zero-trust-identity_2_2.jpg" alt="What Can the Identity Fabric 2025 Update Teach You About Zero Trust Identity Security?​" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Feb 04, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> What Can the Identity Fabric 2025 Update Teach You About Zero Trust Identity Security?​ </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Meet the future of identity security with Zero Trust and KuppingerCole’s Identity Fabric 2025! Unlock the secrets to dynamic, real-time protection, where differentiating identities and leveraging analytics aren't just optional—they're essential for surviving today's digital threats. </div> </div> </a> </div> </div> </div> </div> </div> </div> </div> <div> <div class="mh-hidden mh-flex-row mh-flex-nowrap mh-w-full" id="EventsID"> <div class="pr-10 flex mh-flex-col"> <div class="text-paragraph-big mb-6 text-grey-60 dark:text-white-60">Events</div> <div> <a href="/events/eic2025" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-EventsID-sub-Eventeic2025" > EIC 2025 </a> </div> <div> <a href="/events/ifid2025" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-EventsID-sub-Eventifid2025" > Identity Fabric ID 2025 </a> </div> <div> <a href="/webinars" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-EventsID-sub-Webinars" > Webinars </a> </div> <a href="/webinars" class="button-red" style="margin-top: auto;"> <div>See all webinars</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> <div class="mh-w-full"> <div> <div class="mh-w-full" id="mega-menu-EventsID-sub-Eventeic2025"> <div class="mh-grid mh-grid-cols-3 mh-w-full mh-gap-10 mh-pt-20 mh-pr-10 2xl:mh-grid-cols-2"> <div class="mh-h-full mh-flex mh-items-center mh-justify-center xl:mh-hidden"> <a href="/events/eic2025"><img src="/pictures/600/2025_eic_1000x563px1.jpg" alt="European Identity and Cloud Conference 2025" /></a> </div> <div class="mh-flex mh-flex-col mh-col-span-2 2xl:mh-col-span-1 xl:mh-col-span-2 mh-justify-between py-4 xl:mh-py-0"> <div class="mh-flex mh-flex-col"> <div class="text-color-default text-headline">European Identity and Cloud Conference 2025</div> <div class="text-color-default text-paragraph-big mh-mt-4 multiline-ellipsis-3">Join Europe's leading event for the future of digital identities and cybersecurity from May 6 - 9, 2025, in Berlin, Germany! EIC 2025 will take place in a hybrid format, bringing together IT professionals - virtually and on site.</div> </div> <div class="mh-flex mh-flex-row mh-gap-4 mh-mt-6 mh-flex-wrap"> <a class="link-underline-paragraph-big" href="/events/eic2025">To the Event</a> <a class="link-paragraph-big" href="/events/eic2025/agenda"> Agenda Overview <div class="ml-[5px] h-[24px]"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/ArrowRight.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/ArrowRight.svg" alt="" /> </div> </a> </div> </div> </div> </div> </div> <div> <div class="mh-w-full" id="mega-menu-EventsID-sub-Eventifid2025"> <div class="mh-grid mh-grid-cols-3 mh-w-full mh-gap-10 mh-pt-20 mh-pr-10 2xl:mh-grid-cols-2"> <div class="mh-h-full mh-flex mh-items-center mh-justify-center xl:mh-hidden"> <a href="/events/ifid2025"><img src="/pictures/600/2025_id_bigpicture_1280x720.jpg" alt="Identity Fabric Impact Day 2025" /></a> </div> <div class="mh-flex mh-flex-col mh-col-span-2 2xl:mh-col-span-1 xl:mh-col-span-2 mh-justify-between py-4 xl:mh-py-0"> <div class="mh-flex mh-flex-col"> <div class="text-color-default text-headline">Identity Fabric Impact Day 2025</div> <div class="text-color-default text-paragraph-big mh-mt-4 multiline-ellipsis-3">Identity Fabric Impact Day is a premier one-day practice-oriented event for IAM professionals, security leaders, and solution providers to gain real-world insights into Identity Fabrics and modern identity management. Unlike broad conferences, Identity Fabric Impact Day focuses on practical strategies, hands-on learning, and expert-led discussions to help organizations strengthen security, improve efficiency, and drive digital transformation. Attendees will connect with 100+ CISOs, IAM experts, IT security professionals, and solution providers, explore cutting-edge identity solutions, and gain actionable knowledge from KuppingerCole analysts and industry leaders. Whether you're optimizing your IAM strategy, exploring new technologies, or seeking expert guidance, Identity Fabric Impact Day delivers the insights and connections needed to stay ahead in the evolving identity landscape.</div> </div> <div class="mh-flex mh-flex-row mh-gap-4 mh-mt-6 mh-flex-wrap"> <a class="link-underline-paragraph-big" href="/events/ifid2025">To the Event</a> <a class="link-paragraph-big" href="/events/ifid2025/callforspeakers"> Call for Speakers <div class="ml-[5px] h-[24px]"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/ArrowRight.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/ArrowRight.svg" alt="" /> </div> </a> </div> </div> </div> </div> </div> <div> <div class="mh-hidden mh-w-full" id="mega-menu-EventsID-sub-Webinars"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/events/2025/02/how-to-ciam" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2025_webinar_bigpicture_1280x720_feb25.jpg" alt="How to Do CIAM in 2025 and Beyond" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Feb 25, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> How to Do CIAM in 2025 and Beyond </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> In 2025, the pace of change in technology can transform industries in weeks, and customer identity management must keep up. The rapid evolution of customer expectations and technological capabilities necessitates a strategic CIAM approach that seamlessly balances robust security, intuitive user </div> </div> </a> </div> <div> <a href="/events/2025/03/evolution-of-soar" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2025_webinar_bigpicture_1280x720_feb4.jpg" alt="The Evolution of SOAR: Trends, Leaders, and the Path Forward" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Mar 04, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> The Evolution of SOAR: Trends, Leaders, and the Path Forward </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> The Security Orchestration, Automation, and Response (SOAR) landscape is rapidly evolving as automation and AI reshape cybersecurity operations. With the growing complexity of threats, organizations face challenges in optimizing incident response and enhancing security efficiency. This webinar </div> </div> </a> </div> <div> <a href="/events/2025/03/ndr-market-insights" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2025_webinar_bigpicture_1280x720_mar5.jpg" alt="Future-Proofing Your Cybersecurity: Insights into the NDR Market" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Mar 05, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Future-Proofing Your Cybersecurity: Insights into the NDR Market </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Join us for a webinar where we will discuss the recent changes in the NDR market and highlight the innovative capabilities shaping the future of NDR solutions, based on our latest Leadership Compass. Discover the latest features and capabilities required by the NDR market in 2025. Gain valuable </div> </div> </a> </div> </div> </div> </div> </div> </div> </div> <div> <div class="mh-hidden mh-flex-row mh-flex-nowrap mh-w-full" id="VideosID"> <div class="pr-10 flex mh-flex-col"> <div class="text-paragraph-big mb-6 text-grey-60 dark:text-white-60">Videos</div> <div> <a href="/videos" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-VideosID-sub-Videos9" > All latest videos </a> </div> <div> <a href="/videos/cyberevolution2024" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-VideosID-sub-Videos10" > cyberevolution 2024 </a> </div> <div> <a href="/videos/eic2024" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-VideosID-sub-Videos11" > European Identity and Cloud Conference 2024 </a> </div> <div> <a href="/videos/webinars" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-VideosID-sub-Videos12" > KuppingerCole Webinars </a> </div> <div> <a href="/videos/analystchat" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-VideosID-sub-Videos13" > KuppingerCole Analyst Chat </a> </div> <a href="/videos" class="mh-button-red" style="margin-top: auto;"> <div>See all videos</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> <div class="mh-w-full"> <div> <div class="mh-hidden mh-w-full" id="mega-menu-VideosID-sub-Videos9"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/watch/navigating-dora" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2025_webinar_bigpicture_1280x720_feb20.jpg" alt="Navigating DORA Compliance: Leveraging Privileged Access Management" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Feb 21, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Navigating DORA Compliance: Leveraging Privileged Access Management </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> As financial institutions in the EU work to comply with the Digital Operational Resilience Act (DORA), ensuring robust cybersecurity and operational resilience is paramount. DORA mandates that organizations within the financial sector must implement stringent cybersecurity measures to protect </div> </div> </a> </div> <div> <a href="/watch/beyond-the-wallet" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2025_webinar_bigpicture_empty_1280x720px_april16_3.jpg" alt="Road to EIC: Beyond the Wallet - Building Network Effects for Digital Identity Adoption" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Feb 20, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Road to EIC: Beyond the Wallet - Building Network Effects for Digital Identity Adoption </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> The European Union has set an ambitious goal: 80% of citizens using digital identity wallets by 2030. Achieving this requires more than innovative technology&mdash;it needs a strong, connected ecosystem to drive adoption. While the SPRIN-D Funke European Digital Identity (EUDI) Wallet event </div> </div> </a> </div> <div> <a href="/watch/extended-detection-response" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2025_webinar_bigpicture_1280x720_feb12.jpg" alt="Results from the Leadership Compass on XDR" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Feb 13, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Results from the Leadership Compass on XDR </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Join us for an insightful webinar exploring the KuppingerCole Leadership Compass on XDR, where we delve into the dynamic world of Extended Detection and Response solutions. As cyber threats continue to evolve, organizations are increasingly turning to XDR as a comprehensive approach to enhance </div> </div> </a> </div> </div> </div> </div> <div> <div class="mh-hidden mh-w-full" id="mega-menu-VideosID-sub-Videos10"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/watch/transforming-ecosystem-partner-security-risk-management-cre24" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2024_cyberevolution.jpg" alt="Transforming Ecosystem Partner Security Risk Management: Lessons Learned and Insights for DORA Implementation" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Dec 05, 2024</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Transforming Ecosystem Partner Security Risk Management: Lessons Learned and Insights for DORA Implementation </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> As organizations face increasing regulatory demands and evolving cyber threats, effective Ecosystem Partner security risk management has become a critical priority. This session will explore a successful transformation journey in Ecosystem Partner security risk management, highlighting the </div> </div> </a> </div> <div> <a href="/watch/arena-digitalisierung-bayern-munchen-cre24" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2024_cyberevolution.jpg" alt="In der digitalen Arena: Digitalisierung bei Bayern München - aber sicher" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Dec 05, 2024</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> In der digitalen Arena: Digitalisierung bei Bayern München - aber sicher </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> </div> </div> </a> </div> <div> <a href="/watch/enhancing-cyber-resilience-cre24" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2024_cyberevolution.jpg" alt="Enhancing Cyber Resilience: Integrating Identity Management, Multi-Cloud Strategies, and Advanced Threat Detection" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Dec 05, 2024</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Enhancing Cyber Resilience: Integrating Identity Management, Multi-Cloud Strategies, and Advanced Threat Detection </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> </div> </div> </a> </div> </div> </div> </div> <div> <div class="mh-hidden mh-w-full" id="mega-menu-VideosID-sub-Videos11"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/watch/is-your-company-losing-from-not-being-id-inclusive-eic24" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2024_eic_bigpicture_1280x720px_3.jpg" alt="Financial Inclusion Is Not Possible Without Identity Inclusion. How Much Revenue Is Your Company Losing From Not Being ID Inclusive?" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Jun 07, 2024</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Financial Inclusion Is Not Possible Without Identity Inclusion. How Much Revenue Is Your Company Losing From Not Being ID Inclusive? </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> This keynote session will focus on the fact Financial Inclusion is not possible without Identity inclusion. The speaker(s) will deliver the key findings from Phase 3 of Women in Identity&rsquo;s International ID Code of Conduct, the Economic Impact of ID Exclusion. The report delivers a </div> </div> </a> </div> <div> <a href="/watch/identity-management-at-migros-switzerland-eic24" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2024_eic_bigpicture_1280x720px_3.jpg" alt="Expert Talk: Identity Management at MIGROS, Switzerland" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Jun 07, 2024</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Expert Talk: Identity Management at MIGROS, Switzerland </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Paul Fisher will sit down with Dr. Lukas Ruf from MIGROS to delve into the complexities and innovations in access management within a global, federated structure. Dr. Ruf will share valuable insights into the key challenges of access management, highlighting the delicate balance between </div> </div> </a> </div> <div> <a href="/watch/bridging-federated-and-decentralized-identity-systems-eic24" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2024_eic_bigpicture_1280x720px_3.jpg" alt="Bridging Federated and Decentralized Identity Systems" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Jun 07, 2024</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Bridging Federated and Decentralized Identity Systems </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Identity verification is rapidly evolving, blending both federated systems and decentralized models to cater to diverse needs. However, this integration often presents challenges, including balancing ease of use with stringent security requirements. Many identity solutions provide seamless user </div> </div> </a> </div> </div> </div> </div> <div> <div class="mh-hidden mh-w-full" id="mega-menu-VideosID-sub-Videos12"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/watch/navigating-dora" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2025_webinar_bigpicture_1280x720_feb20.jpg" alt="Navigating DORA Compliance: Leveraging Privileged Access Management" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Feb 21, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Navigating DORA Compliance: Leveraging Privileged Access Management </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> As financial institutions in the EU work to comply with the Digital Operational Resilience Act (DORA), ensuring robust cybersecurity and operational resilience is paramount. DORA mandates that organizations within the financial sector must implement stringent cybersecurity measures to protect </div> </div> </a> </div> <div> <a href="/watch/beyond-the-wallet" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2025_webinar_bigpicture_empty_1280x720px_april16_3.jpg" alt="Road to EIC: Beyond the Wallet - Building Network Effects for Digital Identity Adoption" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Feb 20, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Road to EIC: Beyond the Wallet - Building Network Effects for Digital Identity Adoption </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> The European Union has set an ambitious goal: 80% of citizens using digital identity wallets by 2030. Achieving this requires more than innovative technology&mdash;it needs a strong, connected ecosystem to drive adoption. While the SPRIN-D Funke European Digital Identity (EUDI) Wallet event </div> </div> </a> </div> <div> <a href="/watch/extended-detection-response" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2025_webinar_bigpicture_1280x720_feb12.jpg" alt="Results from the Leadership Compass on XDR" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Feb 13, 2025</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Results from the Leadership Compass on XDR </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Join us for an insightful webinar exploring the KuppingerCole Leadership Compass on XDR, where we delve into the dynamic world of Extended Detection and Response solutions. As cyber threats continue to evolve, organizations are increasingly turning to XDR as a comprehensive approach to enhance </div> </div> </a> </div> </div> </div> </div> <div> <div class="mh-hidden mh-w-full" id="mega-menu-VideosID-sub-Videos13"> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/watch/cybersecurity-insights-2025" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/analystchat242.jpg" alt="2025 Cybersecurity Insights: Trends and Solutions" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Dec 16, 2024</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> 2025 Cybersecurity Insights: Trends and Solutions </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Join us as we explore the major cybersecurity and IAM trends to keep an eye on in 2025. We&rsquo;ll discuss the emergence of non-human identities, the hurdles of quantum-safe encryption, and the practical applications of AI and decentralized identity. Get ready to learn how these trends will </div> </div> </a> </div> <div> <a href="/watch/cyber-hygiene-personal-life" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/analystchat241.jpg" alt="Cyber Hygiene for Your Personal Life" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Dec 09, 2024</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Cyber Hygiene for Your Personal Life </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> In this episode of the KuppingerCole Analyst Chat, Matthias Reinwarth is joined by cybersecurity expert John Tolbert to talk about essential tips for personal cyber hygiene. Together, they discuss practical advice for keeping your devices secure, avoiding common threats, and implementing best </div> </div> </a> </div> <div> <a href="/watch/rethinking-supply-chain-security" class="mh-p-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/analystchat240.jpg" alt="From SolarWinds to Zero Trust: Rethinking Supply Chain Security" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6 mh-w-full"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <span class="mh-mr-6 last:mr-0">Dec 02, 2024</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> From SolarWinds to Zero Trust: Rethinking Supply Chain Security </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Matthias Reinwarth and Dr. Phillip Messerschmidt delve into the complexities of Cyber Supply Chain Risk Management (C-SCRM). They discuss the importance of understanding and mitigating risks that arise from external suppliers and the interconnected nature of modern supply chains. The conversation </div> </div> </a> </div> </div> </div> </div> </div> </div> </div> <div class="mh-hidden mh-flex-row mh-flex-nowrap mh-w-full" id="AdvisoryID"> <div class="pr-10"> <div class="text-paragraph-big mb-6 text-grey-60 dark:text-white-60">Advisory</div> <a href="/advisory" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-advisory-sub-advisory" > Advisory Services </a> <a href="/advisory#success-stories" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-advisory-sub-success" > Success stories </a> </div> <div class="mh-w-full"> <div class="mh-w-full" id="mega-menu-advisory-sub-advisory"> <div class="mh-w-full mh-flex mh-flex-row" id="Advisory0"> <div class="mh-flex-1 mh-flex mh-flex-col"> <span class="text-headline text-color-default">Advisory Services</span> <p class="text-paragraph-big mh-mt-6 text-color-default"> KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges. </p> <a href="/advisory" class="mh-button-red self-end mh-mt-6"> <div>See Advisory Services</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> <div class="mh-flex-1 mh-flex mh-flex-col pl-20"> <span class="text-headline text-color-default">Contact our advisors</span> <p class="text-paragraph-big text-color-default mh-mt-6"> <div class="grid grid-cols-1 my-6 gap-x-6"> <small class="text-paragraph-small text-grey-80 dark:text-white-85">E-mail</small> <a href="mailto:info@kuppingercole.com" class="text-color-default text-paragraph-regular">info@kuppingercole.com</a> </div> </p> <a href="/people" class="mh-button-red self-end mh-mt-6"> <div>Meet our Advisors</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> </div> </div> <div class="mh-w-full mh-flex mh-flex-row" id="mega-menu-advisory-sub-success"> <div class="mh-w-full mh-flex mh-flex-row justify-start"> <div class="mh-flex mh-flex-col mh-h-full mh-ml-10"> <div style="background: linear-gradient(0deg, rgba(255, 255, 255, 0.5), rgba(255, 255, 255, 0.5)), url('/assets/images/advisory-background1.jpg'); background-size: cover; max-height: 350px;" class="swiper-slide bg-white-100 mh-p-10 md:mh-p-6 mh-flex mh-flex-col justify-start md:mh-mr-6 last:mr-0 max-w-[480px] md:max-w-[240px] overflow-hidden lg:min-h-[400px] md:min-h-[1px] bg-cover swiper-slide-active" role="group" aria-label="1 / 4"> <div class="mh-flex mh-flex-row md:mh-flex-col mh-justify-between md:justify-start align-top"> <img class="max-h-20 max-w-[200px] md:self-end" src="/pics/Boehringer_Ingelheim.png" alt=""> </div> <div class="mh-mt-6 mh-h-full"> <div class="text-black-100 text-paragraph-regular mt-3 md:mt-2 xl:multiline-ellipsis-3" style="font-size: 14px;">Boehringer Ingelheim, a leading pharmaceutical company, sought to enhance its Identity and Access Management (IAM) capabilities in the digital age. We collaborated to develop a strategic IAM roadmap in just five months, aligning their IT infrastructure with their global leadership position.</div> <a class="link-light-underline-paragraph-big mh-mt-6 " href="/success-story-boehringer-ingelheim"> View Case Study </a> </div> </div> </div> <div class="mh-flex mh-flex-col mh-h-full mh-ml-10"> <div style="background: linear-gradient(0deg, rgba(255, 255, 255, 0.5), rgba(255, 255, 255, 0.5)), url('/assets/images/advisory-background2.jpg'); background-size: cover; max-height: 350px;" class="swiper-slide bg-white-100 mh-p-10 md:mh-p-6 mh-flex mh-flex-col justify-start mr-20 md:mh-mr-6 last:mr-0 max-w-[480px] md:max-w-[240px] lg:min-h-[400px] md:min-h-[1px] bg-cover swiper-slide-active" role="group" aria-label="1 / 4"> <div class="mh-flex mh-flex-row md:mh-flex-col mh-justify-between md:justify-start align-top"> <img class="max-h-20 max-w-[200px] md:self-end" src="/pics/iamstrategy.png" alt=""> </div> <div class="mh-mt-6 md:mh-mt-6 mh-h-full"> <div class="text-black-100 text-paragraph-regular mt-3 md:mt-2 1xl:multiline-ellipsis-3" style="font-size: 14px;">Global chemical company revamped its Identity and Access Management with KuppingerCole's IAM strategy: guidance, assessment, roadmap. Enhanced security and efficiency.<br/><br/><br/></div> <a class="link-light-underline-paragraph-big mh-mt-6 md:mh-mt-6" href="/success-story-leading-chemical-company"> View Case Study </a> </div> </div> </div> </div> </div> </div> </div> <div class="mh-hidden mh-flex-row mh-flex-nowrap mh-w-full pt-6" id="MembershipID"> <div class="pr-10"> <div class="text-paragraph-big mb-6 text-grey-60 dark:text-white-60">Membership</div> <a href="/memberships" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-membership-sub-about"> About </a> <a href="/memberships/single#single-user" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-membership-sub-professional"> Professional </a> <a href="/memberships/single#single-user" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-membership-sub-expert"> Expert </a> <a href="/memberships/teams#for-teams" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-membership-sub-corporate"> Corporate </a> </div> <div class="mh-w-full"> <div class="mh-w-full" id="mega-menu-membership-sub-about"> <div class="mh-w-full mh-flex mh-flex-row" id="Membership0"> <div class="mh-flex-1 mh-flex mh-flex-col"> <span class="text-headline text-color-default">Your gateway to Identity Security excellence</span> <p class="text-paragraph-big mh-mt-6 text-color-default"> Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security. </p> <a href="/memberships" class="mh-button-red self-end mh-mt-6"> <div>Learn More</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> <div class="mh-flex-1 mh-flex mh-flex-col mh-pl-20 mh-w-full mh-h-full mh-m-10 mh-p-10 bg-grey-100 dark:bg-white-100 "> <span class="text-headline text-white-85 dark:text-grey-80">Your Free 7-Day Trial: Power Up Your IAM & Cybersecurity Expertise</span> <p class="text-paragraph-big mh-mt-6 text-white-85 dark:text-grey-80"> Get instant access to our complete research library. </p> <a href="/memberships/freetrial#free-trial" class="mh-button-red self-end mh-mt-6"> <div>Get Started for Free</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> </div> </div> <div class="mh-w-full" id="mega-menu-membership-sub-professional"> <div class="mh-w-full mh-flex mh-flex-row" id="Membership1"> <div class="mh-flex-1 mh-flex mh-flex-col"> <span class="text-headline text-color-default">Stay ahead of industry trends and make informed decisions</span> <p class="text-paragraph-big mh-mt-6 text-color-default"> Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation. </p> <a href="/memberships/single#single-user" class="mh-button-red self-end mh-mt-6"> <div>Learn More</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> <div class="mh-flex-1 mh-flex mh-flex-col mh-pl-20 mh-w-full mh-h-full mh-m-10 mh-p-10 bg-grey-100 dark:bg-white-100 "> <span class="text-headline text-white-85 dark:text-grey-80">Your Free 7-Day Trial: Power Up Your IAM & Cybersecurity Expertise</span> <p class="text-paragraph-big mh-mt-6 text-white-85 dark:text-grey-80"> Get instant access to our complete research library. </p> <a href="/memberships/freetrial#free-trial" class="mh-button-red self-end mh-mt-6"> <div>Get Started for Free</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> </div> </div> <div class="mh-w-full" id="mega-menu-membership-sub-expert"> <div class="mh-w-full mh-flex mh-flex-row" id="Membership2"> <div class="mh-flex-1 mh-flex mh-flex-col"> <span class="text-headline text-color-default">Elevate your expertise and expand your professional network</span> <p class="text-paragraph-big mh-mt-6 text-color-default"> Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections. </p> <a href="/memberships/single#single-user" class="mh-button-red self-end mh-mt-6"> <div>Learn More</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> <div class="mh-flex-1 mh-flex mh-flex-col mh-pl-20 mh-w-full mh-h-full mh-m-10 mh-p-10 bg-grey-100 dark:bg-white-100 "> <span class="text-headline text-white-85 dark:text-grey-80">Your Free 7-Day Trial: Power Up Your IAM & Cybersecurity Expertise</span> <p class="text-paragraph-big mh-mt-6 text-white-85 dark:text-grey-80"> Get instant access to our complete research library. </p> <a href="/memberships/freetrial#free-trial" class="mh-button-red self-end mh-mt-6"> <div>Get Started for Free</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> </div> </div> <div class="mh-w-full" id="mega-menu-membership-sub-corporate"> <div class="mh-w-full mh-flex mh-flex-row" id="Membership3"> <div class="mh-flex-1 mh-flex mh-flex-col"> <span class="text-headline text-color-default">Empower your team with the knowledge and connections to drive change</span> <p class="text-paragraph-big mh-mt-6 text-color-default"> Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities. </p> <a href="/memberships/teams#for-teams" class="mh-button-red self-end mh-mt-6"> <div>Learn More</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> <div class="mh-flex-1 mh-flex mh-flex-col mh-pl-20 mh-w-full mh-h-full mh-m-10 mh-p-10 bg-grey-100 dark:bg-white-100 "> <span class="text-headline text-white-85 dark:text-grey-80">Your Free 7-Day Trial: Power Up Your IAM & Cybersecurity Expertise</span> <p class="text-paragraph-big mh-mt-6 text-white-85 dark:text-grey-80"> Get instant access to our complete research library. </p> <a href="/memberships/freetrial#free-trial" class="mh-button-red self-end mh-mt-6"> <div>Get Started for Free</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> </div> </div> </div> </div> <div class="mh-hidden mh-flex-row mh-flex-nowrap mh-w-full" id="OpenSelectID"> <div class="pr-10 mh-flex mh-flex-col"> <div class="text-paragraph-big mb-6 text-grey-60 dark:text-white-60">KC Open Select</div> <div> <a href="/open-select/pbam" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]"> Policy Based Access Management </a> </div> <div> <a href="/open-select/isiem" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]"> Intelligent SIEM Platforms </a> </div> <div> <a href="/open-select/datagov" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]"> Data Governance </a> </div> <div> <a href="/open-select/cnapp" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]"> Cloud-Native Application Protection Platforms </a> </div> <div> <a href="/open-select/ztna" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]"> Zero Trust Network Access </a> </div> <div> <a href="/open-select/uem" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]"> Unified Endpoint Management </a> </div> <div> <a href="/open-select/asm" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]"> Attack Surface Management </a> </div> <div> <a href="/open-select/apisec" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]"> API Security & Management </a> </div> <a href="/open-select" class="mh-button-red" style="margin-top: auto;"> <div>See all topics</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> <div class="mh-w-full"> <div class="mh-w-full mh-flex mh-flex-row"> <div class="mh-flex mh-flex-col w-1/2"> <span class="text-headline text-color-default">Discover and compare cybersecurity solutions</span> <p> <a href="/open-select/"><img class="mh-mt-6" src="/pics/openselect.jpg" alt="" /></a> </p> </div> <div class="mh-flex mh-flex-col w-1/2 pl-20"> <span class="text-headline text-color-default">Goodbye guesswork, hello confident decisions</span> <p class="text-paragraph-big mh-mt-6 text-color-default"> Optimize your decision-making process with the most comprehensive and up-to-date market data available. </p> <p class="text-paragraph-big mh-mt-6 text-color-default"> Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company. </p> <p class="text-paragraph-big mh-mt-6 text-color-default"> Configure your individual requirements to discover the ideal solution for your business. </p> <a href="/open-select/" class="mh-button-red self-end mh-mt-6"> <div>Visit KC Open Select</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> </div> </div> </div> <div class="mh-hidden mh-flex-row mh-flex-nowrap mh-w-full pt-6" id="CompanyID"> <div class="pr-10"> <div class="text-paragraph-big mb-6 text-grey-60 dark:text-white-60">Company</div> <a href="/about" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-company-sub-about"> About us </a> <a href="/#success-stories" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-company-sub-stories"> Success Stories </a> <a href="/people" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-company-sub-people"> People </a> <a href="/newsroom" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-company-sub-newsroom"> Newsroom </a> <a href="/cybersecurity-council" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-company-sub-council"> Cybersecurity Council </a> <a href="/contact" class="mh-px-6 mt-2 first:mt-0 mh-py-2 mh-text-button text-color-default hover:bg-black-100 hover:text-white-100 mh-flex justify-start items-center w-[280px]" data-toggle-sub-mega-menu="#mega-menu-company-sub-contact"> Contact us </a> </div> <div class="mh-w-full"> <div class="mh-w-full" id="mega-menu-company-sub-about"> <div class="mh-flex mh-flex-col mh-w-full mh-ml-10 pr-10"> <div class="text-headline text-color-default max-w-[800px]"> Discover Our Passion for Advancing Identity and Security </div> <div class="text-paragraph-big text-color-default max-w-[800px] mh-mt-6"> We are specialized in the strategic management of digital identities, privileges, authentication, and access control as well as cybersecurity and business resilience.​ </div> <a href="/about" class="mh-button-red self-end mh-mt-6"> <div>Read more about our philosophy</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> </div> <div class="w-full" id="mega-menu-company-sub-stories"> <div class="flex flex-col pl-4 w-full"> <small class="text-paragraph-small text-grey-60 dark:text-white-60 pl-6">Success Stories</small> <div></div> <div> <a href="/success-story-securix" class="mh-px-10 mh-py-6 mh-flex mh-flex-row hover:bg-grey-5 w-full"> <div class="w-[160px] h-[90px] mh-flex mh-items-center mh-justify-center" width="160" height="90" style="padding: 10px; max-width: fit-content; aspect-ratio: 16/9; background: linear-gradient(0deg, rgba(255, 255, 255, 0.5), rgba(255, 255, 255, 0.5)), url('/assets/images/advisory-background2.jpg'); background-size: cover;"> <img src="/pictures/400/securixlogo.png" alt="Expanding Securix's Footprint in the Security Services Market" loading="lazy" style="max-height: 100%; margin: auto auto;"/> </div> <div class="mh-flex mh-flex-col mh-ml-6"> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Expanding Securix's Footprint in the Security Services Market </div> <div class="block text-paragraph-small h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Securix is an established IAM and cybersecurity services provider covering the Swiss and German markets. As part of our work, we helped Securix in identifying sweet spots for further growth in the consulting, system integration, and services business for IAM and cybersecurity. </div> </div> </a> </div> <div> <a href="/success-story-leading-chemical-company" class="mh-px-10 mh-py-6 mh-flex mh-flex-row hover:bg-grey-5 w-full"> <div class="w-[160px] h-[90px] mh-flex mh-items-center mh-justify-center" width="160" height="90" style="padding: 10px; max-width: fit-content; aspect-ratio: 16/9; background: linear-gradient(0deg, rgba(255, 255, 255, 0.5), rgba(255, 255, 255, 0.5)), url('/assets/images/advisory-background2.jpg'); background-size: cover;"> <img src="/pictures/400/iamstrategy.png" alt="KuppingerCole Success Story - Chemical Industry" loading="lazy" style="max-height: 100%; margin: auto auto;"/> </div> <div class="mh-flex mh-flex-col mh-ml-6"> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> KuppingerCole Success Story - Chemical Industry </div> <div class="block text-paragraph-small h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> Global chemical company revamped IAM with KuppingerCole's IAM strategy: guidance, assessment, roadmap. Enhanced security and efficiency. </div> </div> </a> </div> <div> <a href="/success-story-usu" class="mh-px-10 mh-py-6 mh-flex mh-flex-row hover:bg-grey-5 w-full"> <div class="w-[160px] h-[90px] mh-flex mh-items-center mh-justify-center" width="160" height="90" style="padding: 10px; max-width: fit-content; aspect-ratio: 16/9; background: linear-gradient(0deg, rgba(255, 255, 255, 0.5), rgba(255, 255, 255, 0.5)), url('/assets/images/advisory-background2.jpg'); background-size: cover;"> <img src="/pictures/400/USU_Logo_120px.png" alt="Navigating the Security and Compliance Jungle" loading="lazy" style="max-height: 100%; margin: auto auto;"/> </div> <div class="mh-flex mh-flex-col mh-ml-6"> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> Navigating the Security and Compliance Jungle </div> <div class="block text-paragraph-small h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> USU Software Solutions, a leading provider of IT and customer service management solutions, collaborated with KC to help its customers with upholding security regulations and in achieving compliance to those. </div> </div> </a> </div> <a href="/#success-stories" class="mh-button-red self-end mt-6"> <div>View All Success Stories</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> </div> <div class="mh-w-full" id="mega-menu-company-sub-people"> <div class="mh-flex mh-flex-col mh-w-full mh-ml-10 pr-10"> <div class="mh-flex mh-flex-row mh-w-full"> <div class="mh-flex-1 mh-flex mh-flex-col"> <small class="text-paragraph-small text-grey-60 dark:text-white-60">Analysts & Advisors</small> <img class="mh-mt-6" src="/assets/images/analysts_and_advisors.jpg" alt="" /> <p class="text-paragraph-regular text-color-default mh-mt-6"> Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals. </p> </div> <div class="mh-flex-1 mh-flex mh-flex-col pl-20"> <small class="text-paragraph-small text-grey-60 dark:text-white-60">Business Team</small> <img class="mh-mt-6" src="/assets/images/business_team.jpg" alt="" /> <p class="text-paragraph-regular text-color-default mh-mt-6"> Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible. </p> </div> </div> <a href="/people" class="mh-button-red self-end mh-mt-6"> <div>Meet the Team</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> </div> <div class="mh-w-full" id="mega-menu-company-sub-newsroom"> <div class="text-paragraph-small text-grey-60 dark:text-white-60 mh-ml-10">Latest Press Releases</div> <div class="mh-flex mh-flex-col mh-w-full"> <div> <a href="/press-release/cre-2024-wrapup" class="mh-px-10 py-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/dsc00045_opening_keynote.jpg" alt="KuppingerCole Analysts' cyberevolution 2024 Conference Connects 500 International Cybersecurity Experts in Frankfurt" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <div><span class="mr-4 first:mr-0 tag-grey" style="margin-right: 10px";>Press Release</span></div> <span class="mh-mr-6 last:mr-0">December 06, 2024</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> KuppingerCole Analysts' cyberevolution 2024 Conference Connects 500 International Cybersecurity Experts in Frankfurt </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> The cyberevolution 2024 conference in Frankfurt convened 500 industry leaders to explore advancements in cybersecurity within an AI-driven landscape. The event wrapped up with significant insights and a strengthened dedication to the responsible use of AI in safeguarding our digital future. </div> </div> </a> </div> <div> <a href="/press-release/eic25-press-release-1" class="mh-px-10 py-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2025_eic_1000x563px.jpg" alt="KuppingerCole Analysts Begin Preparations for the European Identity and Cloud Conference 2025" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <div><span class="mr-4 first:mr-0 tag-grey" style="margin-right: 10px";>Press Release</span></div> <span class="mh-mr-6 last:mr-0">November 27, 2024</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> KuppingerCole Analysts Begin Preparations for the European Identity and Cloud Conference 2025 </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> KuppingerCole Analysts announces the commencement of preparations for the highly anticipated European Identity and Cloud Conference 2025 (EIC 2025). As Europe’s premier event for identity and cloud professionals, EIC continues to be a hub for thought leadership, groundbreaking insights, and </div> </div> </a> </div> <div> <a href="/press-release/kc-memberships-2024" class="mh-px-10 py-6 mh-flex mh-flex-row hover:bg-grey-5 mh-w-full"> <img class="w-[160px] h-[90px]" width="160" height="90" src="/pictures/400/2024_membership_1000x563px_membership-levels-slide1.jpg" alt="KuppingerCole Analysts Introduces KC Memberships: Empowering Professionals in Identity Management and Cybersecurity" loading="lazy" /> <div class="mh-flex mh-flex-col mh-ml-6"> <div class="mh-flex mh-flex-row text-grey-60 dark:text-white-60 text-paragraph-small"> <div><span class="mr-4 first:mr-0 tag-grey" style="margin-right: 10px";>Press Release</span></div> <span class="mh-mr-6 last:mr-0">November 01, 2024</span> </div> <div class="mh-text-button text-color-default mt-2 max-w-prose whitespace-nowrap overflow-hidden overflow-ellipsis"> KuppingerCole Analysts Introduces KC Memberships: Empowering Professionals in Identity Management and Cybersecurity </div> <div class="mh-block text-paragraph-small mh-h-10 text-grey-60 dark:text-white-60 mt-2 max-w-prose overflow-hidden multiline-ellipsis-2"> KuppingerCole Analysts is excited to introduce KC Memberships, a new program aimed at providing professionals and businesses with premium resources, practical tools, and AI-driven insights to tackle real-world challenges in Identity Management and Cybersecurity. </div> </div> </a> </div> </div> </div> <div class="mh-w-full" id="mega-menu-company-sub-council"> <div class="mh-flex mh-flex-col mh-w-full mh-ml-10 pr-10"> <div class="text-headline text-color-default max-w-[800px]"> Cybersecurity Council </div> <div class="text-paragraph-big text-color-default max-w-[800px] mh-mt-6"> With the Cybersecurity Council, we bring together world-class information security professionals in leading positions from across many industries and schools of thought to exchange and discuss how to secure the rapidly growing cyber economy. The results of these fruitful discussions will flow into every of our services. </div> <a href="/cybersecurity-council" class="mh-button-red self-end mh-mt-6"> <div>Learn more</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> </div> <div class="mh-w-full" id="mega-menu-company-sub-contact"> <div class="mh-flex mh-flex-row mh-ml-10 pb-24 pr-10 mh-w-full justify-start"> <div class="mh-flex mh-flex-col pr-10"> <small class="text-paragraph-small text-grey-60 dark:text-white-60">Basic contact information</small> <div class="mh-mt-6 text-title text-black-100 dark:text-white-100">KuppingerCole Analysts AG</div> <div class="mh-mt-6 text-paragraph-regular text-black-100 dark:text-white-100"> Wilhelmstr. 20-22 <br /> 65185 Wiesbaden <br /> Germany </div> <div class="grid grid-cols-2 my-6 gap-x-6"> <a href="mailto:info@kuppingercole.com" class="text-color-default text-paragraph-regular">info@kuppingercole.com</a> </div> <div class="mh-flex mh-flex-row items-center mt-9"> <div class="mh-mr-10"> <a href="https://www.linkedin.com/company/kuppingercole" target="_blank"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/Linkedin.svg" alt="Linkedin" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/Linkedin.svg" alt="Linkedin" /> </a> </div> <div class="mh-mr-10"> <a href="https://x.com/kuppingercole" target="_blank"> <img class="mh-hidden dark:block h-5 w-5" src="/assets/icons/dark/X.svg" alt="Twitter" /> <img class="mh-block dark:hidden h-5 w-5" src="/assets/icons/light/X.svg" alt="Twitter" /> </a> </div> <div class="mh-mr-10"> <a href="https://www.facebook.com/kuppingercole" target="_blank"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/Facebook.svg" alt="Facebook" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/Facebook.svg" alt="Facebook" /> </a> </div> <div class="mh-mr-10"> <a href="https://youtube.com/user/kuppingercole" target="_blank"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/YouTube.svg" alt="YouTube" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/YouTube.svg" alt="YouTube" /> </a> </div> <div class="mh-mr-10"> <a href="https://www.instagram.com/kuppingercole/" target="_blank"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/Instagram.svg" alt="Instagram" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/Instagram.svg" alt="Instagram" /> </a> </div> </div> </div> <div class="mh-flex mh-flex-col pt-11 pl-10"> <img src="/assets/images/contact-us.jpg" alt="Contact us" /> <a href="/contact" class="mh-button-red self-end mt-12"> <div>See all locations</div> <div class="ml-[5px] h-[24px]"> <img src="/assets/icons/dark/ArrowRight.svg" /> </div> </a> </div> </div> </div> </div> </div> <div class="mh-flex mh-flex-row mh-justify-between mh-mt-6" id="button-row"> </div> </div> <div class="mh-absolute mh-hidden mh-top-0 mh-bottom-0 mh-left-0 mh-flex mh-flex-col h-screen w-screen pb-[48px] mh-z-menu-100 mh-bg-grey-light dark:bg-grey-100" id="mobile-menu-search"> <div class="mh-p-6 mh-flex mh-flex-col"> <div class="mh-flex mh-flex-row mh-items-center mh-justify-between"> <a href="/" class="min-w-[165px] header-footer-md:mt-0 header-footer-md:min-w-[10px] header-footer-md:max-w-[132px] mh-header-footer-md:h-max" > <img class="mh-block dark:hidden" src="/assets/logos/kclogo.svg" alt="" /> <img class="mh-hidden dark:block" src="/assets/logos/kclogo_dark.svg" alt="" /> </a> <div class="mh-flex mh-flex-row items-center cursor-pointer" onclick="toggleMobileSearch(event);"> <div class="mh-ml-1 mh-h-6 mh-w-6"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/Close.svg" alt="" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/Close.svg" alt="" /> </div> </div> </div> </div> <div class="mh-w-full mh-flex mh-flex-row items-center justify-end mh-p-6 mh-pb-0"> <input data-search-bar-mobile class="bg-white-100 border-black-20 outline-none dark:border-[#CCCCCC] border-2 mh-p-3 mh-px-10 mh-w-full mh-text-grey-100 hover:border-grey-80 focus:border-black-100 disabled:hover:border-black-20 disabled:bg-black-5 disabled:text-grey-20 pr-[100px] mh-flex items-center justify-centerpx-10 md:px-3 md:pr-[68px] py-3 text-headline" type="text" placeholder="Type to search" /> <div class="mh-w-4 mh-absolute mh-h-4 mh-mr75px cursor-pointer" onclick="removeSearch()"> <img src="/assets/icons/light/Close.svg" /> </div> <div class="mh-w-6 mh-absolute mh-h-6 mh-mr-10 cursor-pointer" onclick="startSearch()"> <img src="/assets/icons/light/Search.svg" /> </div> </div> <div class="mh-flex mh-flex-row mh-mt-4 mh-p-6 mh-pt-0"> <div class="mh-flex mh-flex-row items-start"> <div class="h-[24px] mh-flex mh-flex-col mh-justify-center mtpx"> <input data-enable-ai-mobile class="checkbox-default mh-shrink color-default" type="checkbox"/> </div> <div class="mh-flex mh-flex-col mh-ml-1"> <span class="text-color-default text-paragraph-regular mh-flex mh-flex-row"> <div class="mh-block"> Yes, I want to try the new AI-powered search</div> </span> </div> </div> </div> </div> <div class="mh-hidden mh-w-full mh-h-max bg-white-100 dark:bg-grey-100 mh-flex-col mh-px-10 py-6 mh-absolute z-40" style="box-shadow: 0px 10px 20px -2px rgba(0, 0, 0, 0.1)" id="search" > <div class="mh-w-full mh-p-6 mh-flex mh-flex-col mh-justify-center items-center"> <div class="w-2/3"> <div class="mh-flex mh-flex-row items-center justify-end"> <input data-search-bar class="bg-white-100 border-black-20 outline-none dark:border-[#CCCCCC] border-2 mh-p-3 mh-px-10 mh-w-full mh-text-grey-100 hover:border-grey-80 focus:border-black-100 disabled:hover:border-black-20 disabled:bg-black-5 disabled:text-grey-20 pr-[100px] mh-flex items-center justify-centerpx-10 md:px-3 md:pr-[68px] py-3 text-headline" type="text" placeholder="Type to search" /> <div class="mh-w-4 mh-absolute mh-h-4 mh-mr75px cursor-pointer" onclick="removeSearch()"> <img src="/assets/icons/light/Close.svg" /> </div> <div class="mh-w-6 mh-absolute mh-h-6 mh-mr-10 cursor-pointer" onclick="startSearch()"> <img src="/assets/icons/light/Search.svg" /> </div> </div> <div class="mh-flex mh-flex-row mh-mt-4"> <div class="mh-flex mh-flex-row mh-items-start"> <div class="h-[24px] mh-flex mh-flex-col mh-justify-center mh-mt-px"> <input data-enable-ai class="checkbox-default mh-shrink color-default" type="checkbox" /> </div> <div class="mh-flex mh-flex-col mh-ml-1"> <span class="text-color-default text-paragraph-regular mh-flex mh-flex-row"> <div class="mh-block ml-2"> Yes, I want to try the new AI-powered search</div> </span> </div> </div> </div> </div> </div> </div> </div> <div class="w-screen text-color-default px-20 md:px-6 pt-10 header-footer-xl:pt-0 main"> <style> img.logo { background-color: #fff; padding: 20px; } </style> <div class="py-[80px] md:py-[60px] bg-transparent flex flex-col"> <a href="/research" class="link-paragraph-big"> All Research <div class="w-6 h-6 ml-1"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ArrowBack.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ArrowBack.svg" alt="" /> </div> </a> <div class="flex flex-row md:flex-col md:gap-6 justify-between mt-10 md:mt-6"> <div class="flex flex-row md:flex-col md:w-1/2 items-center md:items-start"> <div class="tag-grey mr-4 md:mr-0 md:mb-2">Leadership Compass</div> </div> <div class="flex flex-row justify-between gap-x-4 bg-grey-5 dark:bg-white-5 w-max p-1 px-2 md:min-w-0 min-w-[304px]"> <div class="ld-modal hidden flex"> <div class="ld-modal-content"> <div class="w-full flex justify-between items-center"> <h3 class="text-headline text-black-100 dark:text-white-100 like-title">Like this?</h3> <h3 class="text-headline text-black-100 dark:text-white-100 dislike-title">Don't like this?</h3> <span class="ld-modal-close cursor-pointer" onclick="document.querySelector('.ld-modal').classList.toggle('hidden');"> <img class="block dark:hidden" width="22px" height="22px" src="/assets/icons/light/Close.svg"> <img class="hidden dark:block" width="22px" height="22px" src="/assets/icons/dark/Close.svg"> </span> </div> <p class="mt-6 text-paragraph-regular like-text"> Log in to make your opinion count! We will also use your feedback to tune your personal recommendations. </p> <p class="mt-6 text-paragraph-regular dislike-text"> Log in to hear your voice heard. We'll also make sure to update your personal recommendations. </p> <div class="flex flex-row mt-6 items-center"> <a class="button-red" href="/login?back=/reprints/e51fa20f25870cf09c98709b25ad0ed9">Login</a> <div class="flex flex-row ml-6">Don't have a KC account yet? <a class="link-paragraph-regular flex flex-row mr-6" href="/register?back=/reprints/e51fa20f25870cf09c98709b25ad0ed9"> Join Now </a> </div> </div> </div> </div> <div class="ld-dislike-modal ld-modal-hidden"> <div class="ld-dislike-modal-content"> <div class="w-full flex justify-between items-center"> <h3 class="text-headline text-black-100 dark:text-white-100">Why don't you like this?</h3> <span class="ldd-modal-close cursor-pointer ml-6" onclick="closeDislikeModal();"> <img class="block dark:hidden" width="22px" height="22px" src="/assets/icons/light/Close.svg"> <img class="hidden dark:block" width="22px" height="22px" src="/assets/icons/dark/Close.svg"> </span> </div> <div class="mt-4 mb-3"> <div class="form-check flex"> <input class="form-check-input" type="radio" name="dislike-option" id="not-relevant" value="not-relevant"> <label class="form-check-label ml-2" for="not-relevant"> This isn't relevant for me </label> </div> </div> <div class="mb-3"> <div class="form-check flex"> <input class="form-check-input" type="radio" name="dislike-option" id="dont-like-content" value="content"> <label class="form-check-label ml-2" for="dont-like-content"> I don't like the content </label> </div> </div> <div class="mb-3"> <textarea id="dislike-reason" class="form-control hidden textarea w-full" rows="3" placeholder="Please tell us why you don't like the content"></textarea> </div> <div class="flex"> <button id="dislike-submit" class="button-red">Submit</button> <button type="button" onclick="closeDislikeModal()" class="ml-6 link-paragraph-regular">Cancel</button> </div> </div> </div> <div data-ldbutton data-user="" data-objecttype="research" data-objectid="838" data-ldInitialState="0" data-ldInitialLikeCount="0" class="flex flex-row items-center bg-grey-5 dark:bg-white-5 w-max rounded-full p-1 no-bg"> <a class="link-paragraph-regular h-max w-max" title="I like this"> <div data-ldLikeArea class="p-1 flex flex-row items-center"> <div data-ldLikeIcon class="mr-2"> <img class="hidden dark:block h-full w-full h-6 w-6" src="/assets/icons/dark/Like.svg" alt="I like this" /> <img class="block dark:hidden h-full w-full h-6 w-6" src="/assets/icons/light/Like.svg" alt="I like this" /> </div> <div data-ldLikeActiveIcon class="hidden mr-2"> <img class="hidden dark:block h-full w-full h-6 w-6" src="/assets/icons/dark/LikeActive.svg" alt="I like this" /> <img class="block dark:hidden h-full w-full h-6 w-6" src="/assets/icons/light/LikeActive.svg" alt="I like this" /> </div> <div data-ldLikeCount class="text-base text-color-default font-medium like-count" style="width:10px;">0</div> </div> </a> <div class="h-6 border-l-[1px] border-grey-60 opacity-70 dark:border-white-60"></div> <a class="link-paragraph-regular h-max w-max" title="I don't like this"> <div data-ldDislikeArea class="p-1 flex flex-row items-center"> <div data-ldDislikeIcon class=""> <img class="hidden dark:block h-full w-full h-6 w-6" src="/assets/icons/dark/Dislike.svg" alt="I don't like this" /> <img class="block dark:hidden h-full w-full h-6 w-6" src="/assets/icons/light/Dislike.svg" alt="I don't like this" /> </div> <div data-ldDislikeActiveIcon class="hidden"> <img class="hidden dark:block h-full w-full h-6 w-6" src="/assets/icons/dark/DislikeActive.svg" alt="I don't like this" /> <img class="block dark:hidden h-full w-full h-6 w-6" src="/assets/icons/light/DislikeActive.svg" alt="I don't like this" /> </div> </div> </a> </div> <button type="button" title="Bookmark this page" class="bookmarking-button" data-objectid="838" data-objecttype="research" data-bookmarked="false" data-textfield="true" data-color="" data-nologin="true"></button> <button type="button" title="Share this page" class="share-button" data-title="Security Orchestration Automation and Response (SOAR)" data-link="" data-color=""></button> </div> </div> <div class="flex flex-row justify-between mt-10 md:mt-6 header-footer-md:flex-col"> <div class="flex flex-col pr-20 md:p-0"> <h1 class="text-black-100 dark:text-white-100 text-display md:mt-4 2xl:w-full md:w-full"> Security Orchestration Automation and Response (SOAR) </h1> <div class="text-grey-80 dark:text-white-85 text-title mt-6 md:mt-4 2xl:w-full md:w-full"> <time datetime="2023-01-30 00:00:00"> January 30, 2023 </time> </div> </div> <div class="flex flex-col max-w-[400px] w-full md:mt-6 header-footer-md:mt-10"> <div class="mt-2 first:mt-0"> <a href="/people/leal"><div class="h-[120px] md:h-[60px] w-max flex flex-row overflow-hidden"> <img class="h-[120px] md:h-[60px] w-[120px] md:w-[60px]" src="/pictures/200/p1011245-edit.jpg" alt="" /> <div class="flex flex-col ml-6 justify-center items-center"> <div class="text-paragraph-big text-color-default">Alejandro Leal</div> </div> </div></a> </div> </div> </div> </div> <div class="flex flex-row pb-10 lg:flex-col"> <div class="flex flex-col pr-20 lg:pr-0" style="flex-grow: 1;"> <div class="mb-6"> <div id="TLDR"></div> <div id="tldr-section" class="relative bg-grey-100 dark:bg-black-20 flex flex-col overflow-hidden"> <div data-tab-list> <div data-tab-list-content-area> <div data-tab-page id="description" class="grid"> <div> <div class="flex dark flex-col text-white-100 lg:flex-col gap-x-20 px-[60px] py-10 md:px-6 md:py-10 items-start justify-start"> <div class="flex flex-row items-center"> <div class="pb-10 text-white-100 text-headline">Description</div> </div> <article class="md:p-0 text-paragraph-regular text-white-100 overflow-hidden relative h-max apply-research-styles-small"> <div class="text-title"> This report provides an overview of the SOAR market and a compass to help you find a solution that best meets your needs. We examine the SOAR market segment, product/service functionality, relative market share, and innovative approaches to providing SOAR solutions. </div> </article> </div> </div> </div> <div data-tab-page id="summary" class="grid"> <div> <div class="flex dark flex-col text-white-100 lg:flex-col gap-x-20 px-[60px] py-10 md:px-6 md:py-10 items-start justify-start"> <div class="flex flex-row items-center"> <div class="pb-10 text-white-100 text-headline">Short Summary</div> </div> <article class="md:p-0 text-paragraph-regular text-white-100 overflow-hidden relative h-max apply-research-styles-small"> <div class="text-title"> <p>Cyberattacks have been escalating, driven by evolving tactics and technologies that were previously exclusive to state actors but are now widespread among cybercriminals. Global supply chains and organizations, already weakened by the Covid-19 pandemic, face heightened risks due to geopolitical tensions, demanding more sophisticated cybersecurity responses. Security Information and Event Management (SIEM) systems, while foundational, struggle with high costs, a deluge of false positives, and operational inefficiencies. The rise of Security Orchestration, Automation, and Response (SOAR) platforms aims to address these challenges by automating and streamlining incident response, augmenting SIEM capabilities with centralized coordination and enriched threat intelligence.</p> <p>SOAR solutions have gained traction among large organizations needing robust, automated incident response mechanisms. These platforms integrate various security tools and provide comprehensive coverage from network to application layers, leveraging endpoint protection, cloud security, and identity management. SOAR systems, when integrated with SIEMs, effectively collect and enrich data, automate workflows, and manage incidents. The use of playbooks allows for automated responses to common security events, minimizing manual intervention and enhancing efficiency.</p> <p>Furthermore, modern SOAR platforms must support seamless integration with existing security infrastructures, offer extensive API compatibility, and provide robust case management and automation capabilities. The industry's adoption of Extended Detection and Response (XDR) solutions highlights a continued evolution towards more comprehensive, integrated cybersecurity architectures.</p> <p>Given the current cybersecurity landscape, every organization must urgently enhance its infrastructure and equip Security Operations Centers (SOC) with advanced tools. Vendors are expanding SOAR capabilities to ensure effective threat detection, analysis, and response, forming the backbone of contemporary security operations frameworks.</p> </div> </article> </div> </div> </div> <div data-tab-page id="facts" class="grid"> <div> <div class="flex dark flex-col text-white-100 lg:flex-col gap-x-20 px-[60px] py-10 md:px-6 md:py-10 items-start justify-start"> <div class="flex flex-row items-center"> <div class="pb-10 text-white-100 text-headline">Interesting Facts</div> </div> <article class="md:p-0 text-paragraph-regular text-white-100 overflow-hidden relative h-max apply-research-styles-small"> <div class="text-title"> <ul> <li>Cyberattacks have intensified recently, with cybercriminals adopting sophisticated tactics.</li> <li>Global supply chains are at increased risk of cyberattacks due to geopolitical instability.</li> <li>Traditional SIEM systems face high deployment and operational costs and generate numerous false positives.</li> <li>SOAR platforms automate incident responses, reducing manual tasks for SOC analysts.</li> <li>Integration of endpoint protection, cloud security, and identity management is crucial for modern cybersecurity.</li> <li>SOAR platforms use playbooks to automate responses to security events.</li> <li>New vendors provide SOAR solutions with pre-packaged connectors for various security tools.</li> <li>Endpoint security tools now combine Endpoint Protection (EPP) and Endpoint Detection &amp; Response (EDR) capabilities.</li> <li>Some SOAR systems integrate threat intelligence from external sources to augment internal data.</li> <li>SOAR's integration with IT Service Management (ITSM) suites helps coordinate incident response activities.</li> </ul> </div> </article> </div> </div> </div> <div data-tab-page id="quotes" class="grid"> <div> <div class="flex dark flex-col text-white-100 lg:flex-col gap-x-20 px-[60px] py-10 md:px-6 md:py-10 items-start justify-start"> <div class="flex flex-row items-center"> <div class="pb-10 text-white-100 text-headline">Notable Quotes</div> </div> <article class="md:p-0 text-paragraph-regular text-white-100 overflow-hidden relative h-max apply-research-styles-small"> <div class="text-title"> <ul> <li>&quot;Cybercriminals continue to devise new strategies to launch sophisticated attacks.&quot;</li> <li>&quot;Traditional approaches and tools of cybersecurity have failed to keep up.&quot;</li> <li>&quot;SOAR platforms aim to become the foundation of contemporary SOCs.&quot;</li> <li>&quot;Identity is the new perimeter, playing a critical role in the overall security architecture.&quot;</li> <li>&quot;Playbooks typically address common security scenarios and can be triggered either by manual analyst action or automatically.&quot;</li> <li>&quot;Every organization must act with extreme urgency to secure its information technology infrastructure.&quot;</li> <li>&quot;The selection of any SOAR solution will depend on the organization’s particular requirements.&quot;</li> <li>&quot;Organizations need to actively seek out new ways to assess and respond to cyber threats.&quot;</li> <li>&quot;Modern SOAR solutions should be able to remove the statistical noise and reduce false positives.&quot;</li> </ul> </div> </article> </div> </div> </div> <div data-tab-page id="recommendations" class="grid"> <div> <div class="flex dark flex-col text-white-100 lg:flex-col gap-x-20 px-[60px] py-10 md:px-6 md:py-10 items-start justify-start"> <div class="flex flex-row items-center"> <div class="pb-10 text-white-100 text-headline">Recommendations</div> </div> <article class="md:p-0 text-paragraph-regular text-white-100 overflow-hidden relative h-max apply-research-styles-small"> <div class="text-title"> <ul> <li>Adopt SOAR platforms to improve incident response automation and SOC efficiency.</li> <li>Integrate SIEM with SOAR for enriched data collection and real-time threat analysis.</li> <li>Utilize playbooks to automate responses to common security events.</li> <li>Incorporate comprehensive identity and access management systems to strengthen security architectures.</li> <li>Consider Extended Detection and Response (XDR) solutions for a holistic approach to threat management.</li> <li>Ensure SOAR platforms can integrate seamlessly with existing and planned security tools.</li> <li>Focus on vendor solutions that offer extensive API compatibility and pre-packaged connectors.</li> <li>Regularly update SOAR workflows and playbooks to align with evolving threat landscapes.</li> <li>Implement Endpoint Protection Detection &amp; Response (EPDR) suites for robust endpoint security.</li> <li>Leverage threat intelligence sources, both internal and external, for enhanced incident analysis.</li> </ul> </div> </article> </div> </div> </div> <div data-tab-page id="takeaways" class="grid"> <div> <div class="flex dark flex-col text-white-100 lg:flex-col gap-x-20 px-[60px] py-10 md:px-6 md:py-10 items-start justify-start"> <div class="flex flex-row items-center"> <div class="pb-10 text-white-100 text-headline">Takeaways</div> </div> <article class="md:p-0 text-paragraph-regular text-white-100 overflow-hidden relative h-max apply-research-styles-small"> <div class="text-title"> <ul> <li>Cyberattacks are becoming more sophisticated and frequent, necessitating advanced cybersecurity tools.</li> <li>Traditional SIEM systems, while foundational, struggle with high costs and operational inefficiencies.</li> <li>SOAR platforms address these challenges by automating incident responses and enriching data analysis.</li> <li>Comprehensive cybersecurity architectures must integrate various security tools, including identity management and endpoint protection.</li> <li>The rise of XDR solutions signals a continued evolution towards integrated, holistic cybersecurity measures.</li> </ul> </div> </article> </div> </div> </div> </div> <div class="relative flex flex-row overflow-x-auto w-full justify-start md:justify-start items-center flex-nowrap whitespace-nowrap z-20 bg-black-20-solid"> <div data-tab-target="#description" class="w-full"> <div class="bg-black-20-solid dark:bg-black-60 text-white-100 px-4 py-4 cursor-pointer hover:bg-black-100 hover:text-white-100 flex flex-nowrap w-full flex items-center justify-center text-paragraph-small">Description</div> </div> <div data-tab-target="#summary" class="w-full"> <div class="bg-black-20-solid dark:bg-black-60 text-white-100 px-4 py-4 cursor-pointer hover:bg-black-100 hover:text-white-100 flex flex-nowrap w-full flex items-center justify-center text-paragraph-small">Short Summary</div> </div> <div data-tab-target="#facts" class="w-full"> <div class="bg-black-20-solid dark:bg-black-60 text-white-100 px-4 py-4 cursor-pointer hover:bg-black-100 hover:text-white-100 flex flex-nowrap w-full flex items-center justify-center text-paragraph-small">Interesting Facts</div> </div> <div data-tab-target="#quotes" class="w-full"> <div class="bg-black-20-solid dark:bg-black-60 text-white-100 px-4 py-4 cursor-pointer hover:bg-black-100 hover:text-white-100 flex flex-nowrap w-full flex items-center justify-center text-paragraph-small">Notable Quotes</div> </div> <div data-tab-target="#recommendations" class="w-full"> <div class="bg-black-20-solid dark:bg-black-60 text-white-100 px-4 py-4 cursor-pointer hover:bg-black-100 hover:text-white-100 flex flex-nowrap w-full flex items-center justify-center text-paragraph-small">Recommendations</div> </div> <div data-tab-target="#takeaways" class="w-full"> <div class="bg-black-20-solid dark:bg-black-60 text-white-100 px-4 py-4 cursor-pointer hover:bg-black-100 hover:text-white-100 flex flex-nowrap w-full flex items-center justify-center text-paragraph-small">Takeaways</div> </div> </div> </div> </div> </div> <div class="w-full py-6 px-10 bg-grey-100 dark:bg-grey-100 flex"> <div class="w-6 h-6 mr-2"><img src="/assets/icons/dark/Info.svg" /></div> <div class="w-full text-white-100 text-paragraph-regular">Please note that a <a href="/research/lc80863/security-orchestration-automation-and-response-soar" style="text-decoration: underline;">newer version of this paper</a> is available, published on <b>October 08, 2024</b>. You might want to check it out instead.</div> </div> <article class="md:p-0 text-paragraph-regular text-color-default overflow-hidden relative h-max"> <div class="apply-research-styles"> <h1 id="heading1">1 Introduction / Executive Summary</h1> <p>Cyberattacks have been intensifying over the past few years as cybercriminals continue to devise new strategies to launch sophisticated attacks and gain unauthorized access. The tactics, techniques, and procedures (TTPs) that were once only used by well-funded state actors are being commoditized by cybercriminals. As a result, some vendors realized that the traditional approaches and tools of cybersecurity have failed to keep up.</p> <p>Global supply chains and private organizations, which are already in a precarious state due to the Covid-19 pandemic, are facing an increased risk of cyber-attacks as a result of geopolitical instability. To stay secure and compliant, organizations need to actively seek out new ways to assess and respond to cyber threats while providing Security Operations Centers (SOC) analysts with the right tools.</p> <p>Large organizations, whether they are part of critical infrastructure or not, need to be able to detect and respond to incidents by monitoring security and analyzing real-time events. Security Information and Event Management (SIEM) products were once hailed as the ultimate solution for managing security operations. In many organizations, they still form the foundation of modern SOCs. However, visibility of potential security events alone does not help analysts to assess each discovered threat, nor does it reduce the amount of time spent on repetitive manual tasks in incident response processes.</p> <p>High deployment and operational costs, lack of intelligence to react to modern cyberthreats, and the growing skills gap to staff the security teams needed for efficient security operations were the most common problems of legacy SIEM tools. SIEMs did and still do provide value, but some SIEM users report that the volume of false positives causes problems in trying to sift out what is worthy of attention and follow-up and what is not.</p> <p>Parallel to SIEM solutions, a class of incident investigation and response platforms has emerged focusing on creating more streamlined and automated workflows for dealing with security incidents. Security Orchestration, Automation, and Response (SOAR) products are the latest iteration of this evolution. SOAR vendors provide solutions that offer centralized coordination, collaboration, and management for forensic analysis and incident response.</p> <p>Driven by the growing demand to implement centralized, automated control over incident analysis and response workflows across disparate security solutions, vendors are expanding their existing security intelligence, security orchestration, or incident response platforms to combine the key capabilities across all three of these market segments.</p> <p>Complementing or directly integrating with SIEMs, SOAR platforms aim to become the foundation of contemporary SOCs. Large organizations were the early adopters of SOAR solutions as they were more susceptible to cyberattacks. Whether or not your organization has a mature and established SOC, SOAR capabilities have the potential to augment SIEM/SOC deployments beyond the detection stage.</p> <p>Modern cybersecurity architectures must include tools and services that cover everything from the network layer to the application layer and all the devices in between. Network layer security tools include firewalls, VPNs, routers/switches, Software Defined Networking (SDN) control planes, Intrusion Detection and Prevention Systems (IDS/IPS), email gateways, web gateways, Network Detection &amp; Response (NDR) solutions, and Distributed Deception Platforms (DDPs). Associated cloud resources should have Cloud Access Security Brokers (CASBs) for both network and application layer controls, and Cloud Workload Protection Platforms (CWPPs) to secure workloads in IaaS and PaaS.</p> <p>Endpoints need Endpoint Protection (EPP) suites and Endpoint Detection &amp; Response (EDR) capabilities. EPP should contain a multiplicity of security functions: advanced anti-malware agents that can proactively discover and prevent malware from executing, utilizing ML-enhanced behavioral and memory analysis, exploit prevention, and other measures. EPP should also perform application control, integrate with or provide endpoint firewall protection, URL filtering, critical system file monitoring, asset inventory and patch management, and vulnerability management. EDR solutions have deeper monitoring and analysis functions that look for signs of attacks on endpoints that may have gone unnoticed by EPP. EDR should have automatic analysis and remediation capabilities. All kinds of endpoints should be considered, not just desktops and laptops, but also servers, virtual servers, containers, mobile phones, and IoT devices. Most vendors now offer Endpoint Protection Detection &amp; Response (EPDR) tools that combine EPP and EDR.</p> <p>Application security starts with secure coding practices. Nevertheless, additional security mechanisms are needed and when deployed can help protect apps from attacks. Defenses at the application layer may include protocol gateways, reverse proxies, API gateways, and Web Application Firewalls (WAFs). CASB and CWPP solutions are useful for cloud hosted applications.</p> <p>Databases, Big Data systems, data lakes, and data analytics tools must be considered. Databases have built-in security constructs that must be employed to control access and protect against sabotage. SQL database security is well established but can be harmonized with enterprise security policies using SQL proxies and API security gateways. Big Data tools and related storage units require a mix of application, network, and cloud security tools for proper coverage.</p> <p>Last but certainly not least is identity. We have heard for years that “Identity is the new perimeter”. This means that Identity and Access Management (IAM) systems play a critical role in the overall security architecture. Traditional security perimeters have become more porous over the years to allow higher level traffic to communicate directly with business or mission-critical applications. Digital identity is what allows for better protection of all resources along the path from “outside” to “inside”, by enforcing strong authentication and granular authorization. Thus, IAM concepts, systems, and controls must pervade all digital environments.</p> <p>SOAR systems can be fed by all these kinds of security solutions, albeit indirectly through the aforementioned SIEMs. SOARs that are tightly integrated with SIEMs can take in telemetry via APIs or in CEF and syslog format. SOAR systems generally have OOTB connectors (software configurations and code in the form of packaged API calls) to facilitate data collection from upstream sources. In some cases, analysts need access to full packet captures, so NetFlow and PCAP are supported by some vendors. In those cases, vendors have appliances that can connect on SPAN/TAP ports on network devices to achieve full packet capture.</p> <p>The orchestration aspect of SOAR involves not only the collection of telemetry from these different sources, but also initiating a workflow, opening cases and tickets where appropriate, and correlation and enrichment of event information. Many large organizations, especially the type looking for SOAR systems, have IT Service Management (ITSM) Suites that dispatch and track activities in the form of tickets. SOAR solutions have case management capabilities by design, but they must also interoperate with existing ITSM solutions.</p> <p>For example, a ransomware attack will generate alerts from one or more endpoints and possibly network monitoring and data storage monitoring systems. SOAR’s job is to distinguish between related and unrelated events across all connected systems, assemble it coherently, enrich the event information by acquiring additional intelligence about observed entities (files, URLs, IP addresses, user accounts, etc.), create and/or coordinate tickets with ITSMs, with the goal of assisting human analysts and/or taking pre-programmed responses in playbooks.</p> <p>Enrichment of event data can be facilitated by SOAR systems by the automatic collection of additional forensic evidence on-site, such as outputs of EPP scans, obtaining non-standard log files, memory dumps, etc. Some vendor solutions can kick off somewhat automated threat hunts (looking for IOCs across multiple nodes in an environment) and add the results to preliminary investigation. SOAR solutions should also be able to generate queries to threat intelligence sources based on suspicious items and patterns observed from upstream telemetry.</p> <p>Some vendors have extensive threat intelligence capabilities which are utilized by their SOAR solutions. External threat intelligence sources may and ideally should be used to supplement internal threat intel sources. Examples of threat intelligence content include IOCs (files, hashes, IPs, URLs, and so forth), compromised credential intelligence, device intelligence (often from Mobile Network Operators [MNOs]), and domain/file/IP/URL reputation information. Ideally SOAR solutions will accomplish all the foregoing actions automatically prior to or while alerting a human analyst.</p> <p>When an analyst is alerted and assigned a case, all pertinent information related to the event should be constructed and presented by the SOAR platform to the analysts for their investigation. The SOAR platform should package information coherently, with descriptions and recommendations for actions.</p> <p>Most SOAR vendors adhere to the paradigm of a playbook, sometimes called a runbook. Playbooks typically address common security scenarios and can be triggered either by manual analyst action or automatically if allowed by policy and supported by the vendor. Examples of security events that may trigger playbooks are phishing, malware, ransomware, failed login attempts, excessive or abnormal use of privileged credentials, prohibited communication attempts, attempts to access unauthorized resources, file copying or moving, attempts to transfer data using unauthorized webmail providers, attempts to transfer data to blocked IPs or URLs, unusual process launches, unusual application to network port activities, unusual network communication patterns, and so on. The end goal of SOAR is to be able to automate incident responses among the various security systems. To this end, SOAR platforms often support dozens to hundreds of playbook scenarios and offer hundreds to thousands of possible incident response actions.</p> <p>Given the current geopolitical climate, every organization must act with extreme urgency to secure its information technology infrastructure. As rogue nations continue to foster an environment for cybercriminals and ransomware attackers to thrive, organizations need to be prepared and build a strong security foundation while providing SOC analysts with the right tools.</p> <p>As a result, some vendors have recently started to adopt Extended Detection and Response (XDR) solutions. XDR has been considered as the next evolution of EDR because it takes a holistic approach to threat detection and response that facilitates data ingestion, analysis, and prevention workflows across an organization’s IT infrastructure. Although XDR is intended to be “SOAR-like”, SOAR is still relevant and appropriate for large organizations that have SOCs and those that have taken a best of breed security architecture approach. SOAR can be beneficial and help bring those best of breed products together in a unified way.</p> <p>Ultimately, the selection of any SOAR solution will depend on the organization’s particular requirements, which depend strongly on the currently deployed and planned IT security and IAM infrastructure. Careful consideration must be given to evaluating which SOAR solutions have integrations for the tools in use and on the roadmap. The maximum utility is achieved by selecting a SOAR that has pre-packaged connectors for all the security and identity elements in your portfolio.</p> <h2 id="heading1.1">1.1 Highlights</h2> <p>As the number and sophistication of cyberattacks have continued to increase over the years, organizations need to be prepared and build a strong security foundation while providing SOC analysts with the right tools.</p> <p>SOAR products have been driven by the growing demand to distinguish between related and unrelated events across all connected systems, enrich the event information by acquiring additional intelligence, create and/or coordinate tickets with ITSMs, and assist human analysts with pre-programmed responses in playbooks.</p> <p>The SOAR market is mature and as such has a reasonably well-defined terminology and includes capabilities such as data collection, correlation, enrichment, orchestration, automation, and incident response and mitigation.</p> <p>Some vendors provide SOAR as a service for their customers, and most license their products to Managed Security Service Providers (MSSPs) who run it on behalf of their customers.</p> <p>SOAR vendors deliver solutions that often require complex on-premises deployments. However, SOAR systems also offer support for various cloud hosted environments such as IaaS, PaaS, and SaaS applications as well.</p> <p>The selection of any SOAR solution will depend on the organization’s particular requirements, which depend strongly on the currently deployed and planned IT security and IAM infrastructure.</p> <p>The Overall Leaders (in alphabetical order) are D3 Security, Fortinet, IBM Security, Logpoint, Microsoft, Palo Alto Networks, Splunk, and ServiceNow.</p> <p>The Product Leaders (in alphabetical order) are D3 Security, Fortinet, IBM Security, Logpoint, Microsoft, Palo Alto Networks, ServiceNow, Splunk, Swimlane, and ThreatQuotient.</p> <p>The Innovation Leaders (in alphabetical order) are Fortinet, IBM Security, Logpoint, Palo Alto Networks, and ServiceNow.</p> <p>The Market Leaders (in alphabetical order) are Fortinet, IBM Security, Microsoft, Palo Alto Networks, ServiceNow, and Splunk.</p> <h2 id="heading1.2">1.2 Market Segment</h2> <p>The SOAR market is mature and as such has a reasonably well-established terminology and core set of capabilities. The term “SOAR” itself is embraced by many vendors.</p> <p>Some vendors in the market started out with a mission to address what they saw as missing functionality in the broader cybersecurity market. These start-ups may have gone through several rounds of funding and grown a sizable customer base. Furthermore, some of the bigger specialty start-ups in the SOAR market have been acquired by large cybersecurity stack vendors who were desirous to add these types of capabilities to their already extensive suites of products and services. In other cases, SOAR has been an outgrowth to complementary product offerings (most commonly SIEM) at some of the mid-tier vendors in the market.</p> <p>Customers in the SOAR market tend to be somewhat mid-sized businesses, enterprises, and government agencies. Organizations that have established IT security departments, especially those with SOCs, are the most likely to see a need for SOAR. SMBs and some enterprises that are either outsourcing IT functions or adding security capabilities but not adding staff are turning to MSSP options that have SOAR.</p> <p>The SOAR market is valid globally, but the greatest uptake has been in North America, followed by Europe. However, many companies are expanding into the APAC region. This region comprises some of the world’s largest economies, such as China, India, Japan, Singapore, and Australia. With the threat landscape constantly changing, cyber threats experienced by organizations in these countries are increasing at an alarming rate. We expect to see more organizations across the world adding SOAR to their cybersecurity portfolios in the years ahead. SOAR as an outsourced function provided by MSSPs is also likely to grow in popularity.</p> <h2 id="heading1.3">1.3 Delivery Models</h2> <p>SOAR solutions often require complex deployment models. In most cases, on-premises components must be implemented, including software agents and API connectivity for upstream security systems from which telemetry will be gathered, and appliances and/or virtual appliances that serve as collection, analysis, operational, and management nodes for the SOAR solution.</p> <p>Over the past few years, digital transformation has been driving organizations to adopt cloud-based solutions and change their operating models. SOAR systems also generally provide support for various cloud hosted environments such as IaaS and PaaS, which requires agents or images to be installed or the use of customized APIs. Some support specific SaaS applications as well. Cloud-based deployment offers several benefits to organizations, such as scalability and agility, reduced physical infrastructure, less maintenance cost, flexibility, and continuous accessibility of data.</p> <p>In addition to APIs and connectors for security tools, SOAR platforms have user interfaces for administrators and analysts. Some vendors offer this as a capability on the components installed on-premises and others offer it as a cloud-hosted service.</p> <h2 id="heading1.4">1.4 Required Capabilities</h2> <p>Nevertheless, it’s worth reiterating that we expect a Security Orchestration, Automation, and Response platform to implement all three of the core set of capabilities mentioned below:</p> <p><strong>Security data collection, correlation, and enrichment:</strong> a SOAR platform can collect historical and real-time security data either on its own or ingest security events from a SIEM solution. The data should be enriched with additional business context, external threat intelligence, or other data sources according to established workflows.</p> <p><strong>Security Orchestration and Automation:</strong> a SOAR platform should implement comprehensive workflow management capabilities to ensure that tasks across multiple environments and security tools can be efficiently coordinated. Whenever possible, repetitive parts of these workflows should be automated to free the analyst’s time for more creative tasks. For manual steps, intelligent guidance and decision support capabilities are a major plus.</p> <p><strong>Incident Response and mitigation:</strong> for identified security incidents, a SOAR platform should be able to offer a range of predefined resolutions: ranging from simple actions like creating a ticket for manual processing or blocking an infected machine in a firewall to more sophisticated playbooks that coordinate response processes across multiple departments: from IT to legal and public relations.</p> <p>The specific set of features we consider in SOAR solutions are:</p> <ul> <li>Telemetry collection</li> <li>Correlation</li> <li>Enrichment</li> <li>Workflow orchestration, automation, and case management</li> <li>Incident response</li> <li>Playbooks</li> <li>Automated analysis</li> <li>Case Management</li> <li>SIEM integration</li> <li>EPDR integration</li> <li>Email/web gateway integration</li> <li>Cloud integration</li> <li>IAM integration</li> <li>Threat Hunting</li> <li>Support for standards such as STIX, TAXII, and CyBox</li> <li>Well-documented APIs</li> <li>SOAR functionality across multi-cloud environments</li> <li>Multi-Factor Authentication (MFA) and identity federation for admins and analysts</li> <li>Comprehensive forensic tools</li> </ul> <p>We are looking for vendors that only cover full-featured and mature SOAR products and solutions. Vendors that only focus on a specific IT environment or a subset of security information will be excluded from this list.</p> <p>However, there are no further exclusion criteria such as revenue or number of customers. We cover vendors from all regions, from start-ups to large companies.</p> <h1 id="heading2">2 Leadership</h1> <p>Selecting a vendor of a product or service must not only be based on the information provided in a KuppingerCole Leadership Compass. The Leadership Compass provides a comparison based on standardized criteria and can help identifying vendors that shall be further evaluated. However, a thorough selection includes a subsequent detailed analysis and a Proof of Concept of pilot phase, based on the specific criteria of the customer.</p> <p>Based on our rating, we created the various Leadership ratings. The Overall Leadership rating provides a combined view of the ratings for</p> <ul> <li>Product Leadership</li> <li>Innovation Leadership</li> <li>Market Leadership</li> </ul> <p>The Overall Leadership rating provides a consolidated view of all-around functionality, innovation, market presence, and financial position. However, these vendors may differ significantly from each other in terms of product features, platform support, and integrations. Therefore, we strongly recommend looking at all the leadership categories as well as each entry in chapter 5 to get a comprehensive understanding of the players in this market and what use cases they support best.</p> <h2 id="heading2.1">2.1 Overall Leadership</h2> <p>The Overall Leadership chart is linear, with Followers appearing on the left side, Challengers in the center, and Leaders on the right.</p> <figure> <img src="https://www.kuppingercole.com/pics/lc80763_image5.png" alt="The Overall Leaders in the Leadership Compass SOAR" /> </figure> <p>Figure 1: The Overall Leaders in the Leadership Compass SOAR</p> <p>The Overall Leaders are (in alphabetical order):</p> <ul> <li>D3 Security</li> <li>Fortinet</li> <li>IBM</li> <li>Logpoint</li> <li>Microsoft</li> <li>Palo Alto Networks</li> <li>ServiceNow</li> <li>Splunk</li> <li>Swimlane</li> </ul> <p>The Overall Challengers are (in alphabetical order): ManageEngine, Rapid7, Securaa, Sumo Logic, and ThreatQuotient.</p> <h2 id="heading2.2">2.2 Product Leadership</h2> <p>Product Leadership is the first specific category examined below. This view is mainly based on the presence and completeness of required features as defined in the Required Capabilities section above. The vertical axis shows the product strength plotted against the combined/overall strength on the horizontal axis. The Product Leadership Chart is rectangular and divided into thirds. Product Leaders occupy the top section. Challengers are in the center. Followers are in the lower section.</p> <figure> <img src="https://www.kuppingercole.com/pics/lc80763_image6.png" alt="The Product Leaders in the Leadership Compass SOAR" /> </figure> <p>Figure 2: The Product Leaders in the Leadership Compass SOAR</p> <p>All vendors in the Product Leadership deliver leading-edge capabilities across the depth and breadth of the SOAR capability spectrum evaluated for the purpose of scoring the vendors in this Leadership Compass. However, we can also observe several much smaller vendors among the leaders, which nevertheless are able to offer their solutions with comprehensive capabilities, flexible deployment options and lower operational complexity than the market giants.</p> <p>Product Leaders (in alphabetical order):</p> <ul> <li>D3 Security</li> <li>Fortinet</li> <li>IBM</li> <li>Logpoint</li> <li>Microsoft</li> <li>Palo Alto Networks</li> <li>ServiceNow</li> <li>Splunk</li> <li>Sumo Logic</li> <li>Swimlane</li> <li>ThreatQuotient</li> </ul> <p>The Product Challengers are (in alphabetical order): ManageEngine, Rapid7, and Securaa. All these vendors have striking offerings but lack certain advanced capabilities that we expect to see, either in the depth or breadth of functionalities seen in the Leadership segment offerings. There are no Followers in the Product Leadership rating.</p> <h2 id="heading2.3">2.3 Innovation Leadership</h2> <p>Next, we examine <strong>innovation</strong> in the marketplace. Innovation is, from our perspective, a key capability in all IT market segments. Customers require innovation to meet evolving and even emerging business requirements. Innovation is not about delivering a constant flow of new releases. Rather, innovative companies take a customer-oriented upgrade approach, delivering customer-requested and other cutting-edge features, while maintaining compatibility with previous versions.</p> <p>This view is mainly based on the evaluation of innovative features, services, and/or technical approaches as defined in the Required Capabilities section. The vertical axis shows the amount of innovation plotted against the combined/overall strength on the horizontal axis. The Innovation Leadership Chart is rectangular and divided into thirds. Innovation Leaders occupy the top section. Challengers are in the center. Followers are in the lower section.</p> <figure> <img src="https://www.kuppingercole.com/pics/lc80763_image7.png" alt="The Innovation Leaders in the Leadership Compass SOAR" /> </figure> <p>Figure 3: The Innovation Leaders in the Leadership Compass SOAR</p> <p>Innovation Leaders are those vendors that are delivering cutting edge products, not only at customer request but also because they are driving the technical changes in the market by anticipating what will be needed in the months and years ahead. There is a strong correlation between the Overall, Product, and Innovation Leaders, which demonstrates that leadership requires feature-rich products that are looking over the horizon to bring advancements to help their customers.</p> <p>Innovation Leaders (in alphabetical order):</p> <ul> <li>Fortinet</li> <li>IBM</li> <li>Logpoint</li> <li>Palo Alto Networks</li> <li>ServiceNow</li> </ul> <p>The Innovation Challengers are (in alphabetical order): D3 Security, ManageEngine, Microsoft, Rapid7, Securaa, Splunk, Sumo Logic, Swimlane, and ThreatQuotient. These companies also have some specific innovations that make their offerings attractive to their customers but lack the breadth of innovation that other vendors demonstrate.</p> <h2 id="heading2.4">2.4 Market Leadership</h2> <p>Lastly, we analyze <strong>Market</strong> Leadership. This is an amalgamation of the number of customers, the geographic distribution of customers, the size of deployments and services, the size and geographic distribution of the partner ecosystem, and financial health of the participating companies. Market Leadership, from our point of view, requires global reach.</p> <p>The vertical axis shows the market strength plotted against the combined/overall strength on the horizontal axis. The Market Leadership Chart is rectangular and divided into thirds. Market Leaders occupy the top section. Challengers are in the center. Followers are in the lower section.</p> <figure> <img src="https://www.kuppingercole.com/pics/lc80763_image8.png" alt="The Market Leaders in the Leadership Compass SOAR" /> </figure> <p>Figure 4: The Market Leaders in the Leadership Compass SOAR</p> <p>Market Leadership is a combined measure of customers, managed users, partners, the geographic distribution of customers, support, and partners, and overall financial position. These vendors have financial strength, geographic distribution of customers and partner, and extensive ecosystems of system integrators.</p> <p>Market Leaders (in alphabetical order):</p> <ul> <li>Fortinet</li> <li>IBM</li> <li>Microsoft</li> <li>Palo Alto Networks</li> <li>ServiceNow</li> <li>Splunk</li> </ul> <p>The Market Challengers are (in alphabetical order): D3 Security, Logpoint, ManageEngine, Rapid7, Securaa, Sumo Logic, Swimlane, and ThreatQuotient. Some of these vendors are relatively young, lack a comprehensive global presence, focus mainly on their home markets, or are still in their growth phase.</p> <h1 id="heading3">3 Correlated View</h1> <p>While the Leadership charts identify leading vendors in certain categories, many customers are looking not only for a product leader, but for a vendor that is delivering a solution that is both feature-rich and continuously improved, which would be indicated by a strong position in both the Product Leadership ranking and the Innovation Leadership ranking. Therefore, we provide the following analysis that correlates various Leadership categories and delivers an additional level of information and insight.</p> <p>The following charts are rectangular and divided into nine equal sections. A dashed line intersects the rectangle at the point where x- and y-axis values are equal.</p> <h2 id="heading3.1">3.1 The Market/Product Matrix</h2> <p>The first of these correlated views contrasts Product Leadership and Market Leadership.</p> <p>The vertical axis represents the market position plotted against product strength rating on the horizontal axis.</p> <figure> <img src="https://www.kuppingercole.com/pics/lc80763_image9.png" alt="The Market/Product Matrix for Leadership Compass SOAR" /> </figure> <p>Figure 5: The Market/Product Matrix for Leadership Compass SOAR</p> <p>This comparison shows which vendors are better positioned in our Product Leadership analysis than their position in the Market Leadership analysis. Vendors above the line are somewhat &quot;overperforming&quot; in the market. It comes as no surprise that these are often very large vendors, while vendors below the line may more often be innovative but focused on specific regions as an example.</p> <p>In the upper right segment, we find &quot;Market Champions&quot;. Given that the SOAR market is mature, we see Palo Alto Networks, Microsoft, IBM, Fortinet, Splunk, and ServiceNow as market champions positioned in the top right-hand box.</p> <p>In the middle right-hand box, we see five vendors that deliver strong product capabilities for SOAR but are not yet considered Market Champions. D3 Security, Logpoint, Sumo Logic, Swimlane, and ThreatQuotient have a strong potential to improve their market position due to the more robust product capabilities they are already delivering.</p> <p>In the middle of the chart, we see the vendors that provide good but not leading-edge capabilities and therefore are not market leaders. These vendors include ManageEngine, Rapid7, and Securaa. They also have moderate market success as compared to market champions. However, we believe that each has a chance for significant growth. For example, Securaa has a strong market position in the APAC region, while Rapid7 has a significant presence in North America as well as growing presence in Europe.</p> <h2 id="heading3.2">3.2 The Product/Innovation Matrix</h2> <p>This view shows how Product Leadership and Innovation Leadership are correlated. It is not surprising that there is a pretty good correlation between the two views with a few exceptions. The distribution and correlation are tightly constrained to the line, with a significant number of established vendors plus some smaller vendors.</p> <p>The vertical axis represents the product strength rating plotted against innovation on the horizontal axis.</p> <figure> <img src="https://www.kuppingercole.com/pics/lc80763_image10.png" alt="The Product/Innovation Matrix for Leadership Compass SOAR" /> </figure> <p>Figure 6: The Product/Innovation Matrix for Leadership Compass SOAR</p> <p>Vendors below the line are more innovative, vendors above the line are, compared to the current Product Leadership positioning, less innovative.</p> <p>Here, we see a good correlation between the product and innovation rating. Many vendors placed close to the dotted line, indicating a healthy mix of product and innovation leadership in the market. Looking at the Technology Leaders segment, we find most leading vendors scattered throughout the box in the upper right corner. The leading vendors are (in alphabetical order) Fortinet, IBM, Logpoint, Palo Alto Networks, and ServiceNow. IBM Security is placed closest to the axis depicting a good balance of product features and innovation. Palo Alto Networks, Fortinet, Logpoint, and ServiceNow are following closely behind. While these vendors all take different approaches for delivering a SOAR platform, all perform well in both the current product offering and the innovation they demonstrate.</p> <p>Six vendors appear in the top middle box with good products but less innovation than the leaders, including D3 Security, Microsoft, Splunk, Sumo Logic, Swimlane, and ThreatQuotient. Several vendors appear in the middle box, showing both innovation and product capabilities. However, they remain at a Challenger level in both product and innovation ratings. These vendors include (in alphabetical order) ManageEngine, Rapid7, and Securaa. These vendors have a strong potential in further increasing their position in the SOAR market.</p> <h2 id="heading3.3">3.3 The Innovation/Market Matrix</h2> <p>The third matrix shows how Innovation Leadership and Market Leadership are related. Some vendors might perform well in the market without being Innovation Leaders. This might impose a risk for their future position in the market, depending on how they improve their Innovation Leadership position. On the other hand, vendors which are highly innovative have a good chance for improving their market position. However, there is always a possibility that they might also fail, especially in the case of smaller vendors.</p> <p>The vertical axis represents the market position rating plotted against innovation on the horizontal axis.</p> <figure> <img src="https://www.kuppingercole.com/pics/lc80763_image11.png" alt="The Innovation/Market Matrix for Leadership Compass SOAR" /> </figure> <p>Figure 7: The Innovation/Market Matrix for Leadership Compass SOAR</p> <p>Vendors above the line are performing well in the market as well as showing Innovation Leadership; while vendors below the line show an ability to innovate though having less market share, and thus the biggest potential for improving their market position.</p> <p>In the upper right-hand corner box, we find the &quot;Big Ones&quot; in the SOAR market. We see (in alphabetical order) Fortinet, IBM, Palo Alto Networks, and ServiceNow. IBM Security and Palo Alto Networks. These companies are being rewarded by the market for the level of innovation they provide in their products and services.</p> <p>Only one vendor (Logpoint) appears in the middle right box showing good innovation with slightly less market presence than the vendors in the &quot;Big Ones&quot; category.</p> <p>Microsoft and Splunk are shown in the top middle box with a stronger market, although less innovation than the leaders. The segment in the middle of the chart contains a few of the vendors rated as challengers both for market and innovation, which includes (in alphabetical order) D3 Security, ManageEngine, Rapid7, Securaa, Sumo Logic, Swimlane, and ThreatQuotient.</p> <h1 id="heading4">4 Products and Vendors at a Glance</h1> <p>This section provides an overview of the various products we have analyzed within this KuppingerCole Leadership Compass on SOAR Platforms. Aside from the rating overview, we provide additional comparisons that put Product Leadership, Innovation Leadership, and Market Leadership in relation to each other. These allow identifying, for instance, highly innovative but specialized vendors or local players that provide strong product features but do not have a global presence and large customer base yet.</p> <p>Based on our evaluation, a comparative overview of the ratings of all the products covered in this document is shown in Table 1.</p> <table> <thead> <tr> <th>Product</th> <th>Security</th> <th>Functionality</th> <th>Deployment</th> <th>Interoperability</th> <th>Usability</th> </tr> </thead> <tbody> <tr> <td>D3 NextGen SOAR</td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> </tr> <tr> <td>Fortinet FortiSOAR</td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> </tr> <tr> <td>IBM QRadar SOAR</td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> </tr> <tr> <td>Logpoint SOAR</td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> </tr> <tr> <td>ManageEngine Log360</td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/3dots.png' width=75 alt='Neutral' title='Neutral'></td> <td><img src='/assets/images/research/3dots.png' width=75 alt='Neutral' title='Neutral'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> </tr> <tr> <td>Microsoft Sentinel</td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> </tr> <tr> <td>Palo Alto Cortex XSOAR</td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> </tr> <tr> <td>Rapid7 InsightConnect</td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> </tr> <tr> <td>Securaa</td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/3dots.png' width=75 alt='Neutral' title='Neutral'></td> </tr> <tr> <td>ServiceNow Security Incident Response (SIR)</td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> </tr> <tr> <td>Splunk SOAR</td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> </tr> <tr> <td>Sumo Logic Cloud SOAR</td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> </tr> <tr> <td>Swimlane</td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> </tr> <tr> <td>ThreatQuotient Platform</td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> </tr> </tbody> </table> <p>Table 1: Comparative overview of the ratings for the product capabilities</p> <p>In addition, we provide in Table 2 an overview which also contains four additional ratings for the vendor, going beyond the product view provided in the previous section. While the rating for Financial Strength applies to the vendor, the other ratings apply to the product.</p> <table> <thead> <tr> <th>Vendor</th> <th>Innovativeness</th> <th>Market Position</th> <th>Financial Strength</th> <th>Ecosystem</th> </tr> </thead> <tbody> <tr> <td>D3 Security</td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> </tr> <tr> <td>Fortinet</td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> </tr> <tr> <td>IBM</td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> </tr> <tr> <td>Logpoint</td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> </tr> <tr> <td>ManageEngine</td> <td><img src='/assets/images/research/3dots.png' width=75 alt='Neutral' title='Neutral'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> </tr> <tr> <td>Microsoft</td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> </tr> <tr> <td>Palo Alto</td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> </tr> <tr> <td>Rapid7</td> <td><img src='/assets/images/research/3dots.png' width=75 alt='Neutral' title='Neutral'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> </tr> <tr> <td>Securaa</td> <td><img src='/assets/images/research/3dots.png' width=75 alt='Neutral' title='Neutral'></td> <td><img src='/assets/images/research/3dots.png' width=75 alt='Neutral' title='Neutral'></td> <td><img src='/assets/images/research/3dots.png' width=75 alt='Neutral' title='Neutral'></td> <td><img src='/assets/images/research/3dots.png' width=75 alt='Neutral' title='Neutral'></td> </tr> <tr> <td>ServiceNow</td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> </tr> <tr> <td>Splunk</td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> </tr> <tr> <td>Sumo Logic</td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> </tr> <tr> <td>Swimlane</td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> </tr> <tr> <td>ThreatQuotient</td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/4dots.png' width=75 alt='Positive' title='Positive'></td> <td><img src='/assets/images/research/5dots.png' width=75 alt='Strong Positive' title='Strong Positive'></td> </tr> </tbody> </table> <p>Table 2: Comparative overview of the ratings for vendors</p> <h1 id="heading5">5 Product/Vendor evaluation</h1> <p>This section contains a quick rating for every product/service we’ve included in this KuppingerCole Leadership Compass document. For many of the products there are additional KuppingerCole Product Reports and Executive Views available, providing more detailed information.</p> <p><strong>Spider graphs</strong></p> <p>In addition to the ratings for our standard categories such as Product Leadership and Innovation Leadership, we add a spider chart for every vendor we rate, looking at specific capabilities for the market segment researched in the respective Leadership Compass. For the LC SOAR, we look at the following six categories:</p> <ul> <li><strong>Responses</strong>: This category measures the types of manual and automated responses available in a given platform. Response capabilities often depend on the presence of integrations with 3rd-party tools and the functions available via APIs to the tools. Responses are usually packaged in playbooks which can be customized, and templates that can be extended as needed. Examples of response actions might include enabling/disabling user accounts, blocking communications by IP or URL, isolating nodes, etc.</li> <li><strong>Enrichment</strong>: Enrichment is the process of adding intelligence and context to security events and incidents. SOAR platforms may pull threat intelligence from within their own network but should also support subscriptions to and queries to 3rd-party threat intelligence sources. This measures the quantity and quality of threat intelligence sources available to each vendor’s SOAR solution.</li> <li><strong>Case Management</strong>: This metric evaluates how well the SOAR solution automatically processes enriched event information and presents it to analysts for action. Case management also includes automation of preliminary analysis, background triage, facilitation of collaboration between analysts, and interoperability with ticketing systems.</li> <li><strong>API Support</strong>: This rubric illustrates each solution’s API options, including protocols, formats, and authentication methods supported.</li> <li><strong>Analyst Interface</strong>: This header appraises the utility of and presentation of information within the analyst interface. The analyst interface should allow queries to be easily built and executed, extensive drill down and linking of data between screens, map and timeline views, attack and response visualizations, incident-to-artifact relationship visualization, root cause analysis, etc.</li> <li><strong>Investigations</strong>: This label describes the features that enable analysts to conduct investigations, including methods for building queries, IoC updates, ability to create custom IoCs, behavioral analysis for creating baseline profiles, ML-enhanced detection and classification of outliers, and integration with SIEM and other analytics tools.</li> <li><strong>Automation</strong>: Many analyst tasks can be repetitive, which means these tasks are an inefficient use of their time; and they can lead to data entry errors. Automation seeks to expedite investigations, threat hunting, and responses by packaging common activities such as aspects of event correlation, case creation and maintenance, alerting and communications, threat intelligence gathering, threat intelligence updates, and generation of recommendations. Automation is a functional precursor to responses and playbooks. We expect modern SOAR solutions to be able to remove the statistical noise and reduce false positives without human intervention, by relying on techniques like behavior analysis and machine learning. This category measures the level of automation functions reported to be present in each solution.</li> <li><strong>Threat Hunting</strong>: Threat hunting is a proactive cyber defense activity. Analysts sometimes need to search for signs of intrusions or other malicious behavior that may not be already identified as IoCs. Threat hunting can be a more open-ended type of investigation. SOAR platforms support threat hunting by building flexibility that allow analysts to customize their workspace to conduct these exploratory processes. This classification rates the features available for and their extensibility for threat hunting.</li> </ul> <h2 id="heading5.1">5.1 D3 Security – NextGen SOAR</h2> <p>D3 Security was founded in 2002 in Vancouver, Canada. Between 2002 and 2014, the company provided incident and case management for IT security teams. D3 Security views SOAR as a pathway to fundamental improvements in the security operations of enterprises and MSSPs in finance, tech, and healthcare. Coverage is primarily focused on North America, but with growing presence in EMEA, APAC, and Latin America.</p> <p>D3 Security is vendor-agnostic. NextGen SOAR is their full-scale SOAR platform and can be deployed on-premises, private cloud, public cloud, and as a service offered through MSSPs. With 500+ out-of-the-box integrations and a flexible API-based architecture, the platform aims to eliminate false positives by cross-referencing events with data held in network, firewall, SIEM logs, and DLP tools.</p> <p>The platform’s Event Pipeline is an innovative feature that includes capabilities such as normalization which extracts fields, IOCs, and other data to create a clear and consistent picture of each alert. This capability also includes threat triage which enriches and rates events on severity via third-party threat intelligence sources, auto dismissal and escalation which applies rule-based filters to auto-close false-positive events, and triggers incident response playbooks. The system drastically eliminates false positives and other noise, leaving only real incidents for SOC analysts to deal with.</p> <p>For playbooks, D3 NextGen SOAR comes with a library of out-of-the-box playbooks for common use cases, including NIST 800-61 and SANS methodologies. The platform does not run playbooks in a serial fashion. Instead, it runs things in parallel and compresses the time it takes for the playbook to run. In addition, the platform triggers an incident-specific playbook when a MITRE ATT&amp;CK technique is identified by a security tool and ingested into the SOAR platform. The playbook also queries, extracts, and enriches incidents with contextual data from threat intelligence tools, and searches for related TTPs.</p> <p>The platform integrates with SIEMs and security analytics tools such as Micro Focus ArcSight, Microsoft Azure Sentinel, Coralogix, Exabeam, FireEye Helix, Fortinet FortiSIEM, LogRhythm, McAfee, IBM QRadar, Rapid7, Securonix, Splunk, and Sumo Logic. D3 also supports STIX, TAXII, and YARA. D3 Security has connectors for a comparatively substantial number of other tools, and also supports all the right standards thereby enabling their customers to extend their solution as needed.</p> <p>D3 Security positions itself as strong alternative to the established offerings supporting mid-market to enterprise organizations. Organizations looking for SOAR functionality, particularly those in North America should consider D3 Security. The company appears in the product leadership category.</p> <div class="logospider"><div class="logo"><img src="https://www.kuppingercole.com/pics/lc80763_image12.png" alt="D3 Security" class="logo" /></div> <div class="spider"><img src="https://www.kuppingercole.com/pics/lc80763_image13.png" alt="Product capabilities" class="spiderchart" /></div></div> <table class="productrating"><tbody><tr><td class="title" rowspan="10">Ratings</td> <td><strong>Security</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Functionality</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Deployment</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Interoperability</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Usability</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> </tbody> </table> <p>Table 3: D3 Security’s rating</p> <table class="strengths"><tr><td>Strengths</td><td> <li>SOAR specialist</li> <li>Good option for small-to-mid-sized MSSPs</li> <li>Large variety of out-of-the-box connectors</li> <li>Event Pipeline features significantly reduces the number of false positives</li> <li>Embedded MITRE ATT&amp;CK Matrix, enabling TTP-based threat hunting and reporting</li> <li>Playbooks can be used for SecOps, IR, IT Dev/Ops, ICS/OT, physical security, and HR functions</li> </td></tr></table> <table class="challenges"><tr><td>Challenges</td><td> <li>Customer presence is still primarily focused on North America, but rapidly expanding</li> <li>Missing support for popular EU based security vendor products</li> <li>Processes and workflows are not automatically updated whenever regulations change</li> </td></tr></table> <div><table class="leaderin"><tr><td>Leader in</td><td><img src="/assets/images/research/overallleader.svg" title="Overall Leader" ></td><td><img src="/assets/images/research/productleader.svg" title="Product Leader"></td><td><img src="/assets/images/research/innovationleader.svg" title="Innovation Leader"style='opacity: 0.1;'></td><td><img src="/assets/images/research/marketleader.svg" title="Market Leader"style='opacity: 0.1;'></td></tr></table></div> <h2 id="heading5.2">5.2 Fortinet – FortiSOAR</h2> <p>Fortinet is an American cybersecurity company with headquarters in Sunnyvale, California, USA. Established in 2000, it provides a wide range of network security and threat protection solutions for carriers, data centers, enterprises, and distributed offices. Its solutions are integrated into the Fortinet Security Fabric. The Fortinet security operations portfolio includes SIEM, SOAR, and XDR capabilities, as well as more advanced security analytics and automation tools. Fortinet’s sweet spot is the mid-market and large enterprises in North America and the EMEA region.</p> <p>FortiSOAR is the champion product when it comes to automation and having the ability to maximize existing tools. FortiSOAR can be deployed on-premises, in private cloud, public cloud, and can be deployed as a SaaS and VM. FortiSOAR supports advanced multi-tenancy, wherein the tenant's data could either be on the Master Server (called as Shared Tenancy) or a Dedicated SOAR node (called Dedicated Tenant Node).</p> <p>The platform can also be deployed standalone, with native integrations within FortiSIEM, or as a container inside FortiAnalyzer. Threat intelligence comes with the product and does not need to be purchased separately. In addition, FortiSOAR has a dedicated mobile application for both iOS and Android platforms.</p> <p>The platform includes 450+ connectors, advanced case management, and low/no-code playbooks. When it comes to playbooks, FortiSOAR supports the advanced agnostic playbooks concept, wherein a playbook for tenant is auto selected based on the context. Common use cases include triage, threat investigations, response actions, mitigation actions, enrichments, and SLA computation and enforcement. The platform’s recommendation engine provides analysts with suggested actions, correlated alerts, and critical data.</p> <p>FortiSOAR’s dashboard shows alerts, alerts by type, incidents, incidents by severity, critical incidents, and incidents resolved. Furthermore, the platform integrates with SIEMs and security analytics tools such as Micro Focus ArcSight, Microsoft Azure Sentinel, Exabeam, FireEye Helix, Fortinet FortiSIEM, Logpoint, LogRhythm, McAfee, IBM QRadar, Rapid7, Securonix, Splunk, and Sumo Logic. FortiSOAR also supports STIX and TAXII.</p> <p>Overall, Fortinet’s FortiSOAR provides a highly modular and flexible solution. The platform enables quick deployment even for companies lacking the required operational expertise yet can offer a flexible upgrade path to support the largest and most complex architectures. FortiSOAR should be near the top of any organization’s SOAR RFP list. Fortinet appears in the product, innovation, and market leadership categories.</p> <div class="logospider"><div class="logo"><img src="https://www.kuppingercole.com/pics/lc80763_image18.png" alt="Fortinet" class="logo" /></div> <div class="spider"><img src="https://www.kuppingercole.com/pics/lc80763_image19.png" alt="Product capabilities" class="spiderchart" /></div></div> <table class="productrating"><tbody><tr><td class="title" rowspan="10">Ratings</td> <td><strong>Security</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Functionality</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Deployment</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Interoperability</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Usability</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> </tbody> </table> <p>Table 4: Fortinet’s rating</p> <table class="strengths"><tr><td>Strengths</td><td> <li>Strong partner ecosystem</li> <li>Many out-of-the-box connectors for tools</li> <li>Advanced level of multi-tenancy</li> <li>MFA for admins and analysts</li> <li>Low/no-code playbooks</li> <li>Platform available via mobile app for both iOS and Android platforms</li> </td></tr></table> <table class="challenges"><tr><td>Challenges</td><td> <li>OAuth2 and key exchange not supported</li> <li>Remote support service is not available</li> <li>Built-in MFA beyond SAML would be beneficial</li> </td></tr></table> <div><table class="leaderin"><tr><td>Leader in</td><td><img src="/assets/images/research/overallleader.svg" title="Overall Leader" ></td><td><img src="/assets/images/research/productleader.svg" title="Product Leader"></td><td><img src="/assets/images/research/innovationleader.svg" title="Innovation Leader"></td><td><img src="/assets/images/research/marketleader.svg" title="Market Leader"></td></tr></table></div> <h2 id="heading5.3">5.3 IBM – QRadar SOAR</h2> <p>IBM Corporation is a multinational technology and consulting company headquartered in Armonk, New York, USA. Founded in 1911, IBM has evolved from a computing hardware manufacturer into offering a broad range of software solutions, infrastructure hosting, and consulting services in such high-value markets as business intelligence, data analytics, cloud computing, virtualization, cybersecurity, and identity and access management. With a strong global presence and customers and partners across the globe, IBM is a major player in the market.</p> <p>IBM has a full suite of cybersecurity, identity and data management solutions which consist of multiple components. QRadar SIEM, for instance, is a leading SIEM solution. QRadar provides an XDR ecosystem that integrates EDR, NDR, SIEM/UBA, SOAR and Threat Intelligence capabilities. QRadar SOAR can be consumed as part of a fully integrated suite (through IBM Security QRadar XDR Platform) or as a set of integrated products or services. However, QRadar SOAR can also be consumed as standalone product with threat intelligence available (IBM X-Force Threat Intelligence) or third-party threat intelligence integrations.</p> <p>The platform leverages powerful orchestration and automation capabilities to accelerate incident response and build automations. QRadar SOAR offers a comprehensive solution to build, edit, and deploy playbooks in the Incident Response process through the Playbook Designer. Playbook Designer is a streamlined approach to automation, providing a unified canvas that allows creation of playbooks through drag and drop of different elements and quick editing. Clients can also develop sub-playbooks for repeatable automations in their environment to be used in different playbook contexts. QRadar SOAR's playbooks are dynamic and adaptive. Playbooks evolve with the incident as analysts uncover further details about it, enabling them to add new tasks and trigger additional workflows.</p> <p>In addition, SOAR offers a Breach Response module with a global knowledgebase of 180+ regulations and Privacy related Incident Responses. This knowledgebase includes breach notification regulations across the world such as GDPR, CCPA, and LGPD. It also includes industry-specific regulations with a privacy breach reporting requirement, such as HIPAA. This allows customers to align Privacy and Security Operations to meet regulatory requirements. Breach Response helps connect the Security and Privacy teams in one platform, allowing different business units teams to collaborate and monitor their process within the same platform.</p> <p>Recently, IBM acquired Randori, a leading attack surface management (ASM) and offensive cyber security provider. This acquisition will help to further simplify threat detection and response, adding more visibility about the attack surface and asset discovery. Advanced cognitive technologies provided by IBM Watson AI provide dramatic improvements in analyst productivity and enable quick response to cyberthreats. Clients can also extend their SOAR capabilities and help correlate, prioritize, and effectively investigate alerts with an attack timeline and MITRE mapping. Furthermore, IBM’s SOAR can utilize admin and analyst MFA methods, including SAML for federation. IBM positions itself as a leader in the SOAR space and appears in the product, market, and innovation leadership categories.</p> <div class="logospider"><div class="logo"><img src="https://www.kuppingercole.com/pics/lc80763_image22.jpeg" alt="IBM" class="logo" /></div> <div class="spider"><img src="https://www.kuppingercole.com/pics/lc80763_image23.PNG" alt="Product capabilities" class="spiderchart" /></div></div> <table class="productrating"><tbody><tr><td class="title" rowspan="10">Ratings</td> <td><strong>Security</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Functionality</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Deployment</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Interoperability</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Usability</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> </tbody> </table> <p>Table 5: IBM’s rating</p> <table class="strengths"><tr><td>Strengths</td><td> <li>Strongly committed to Open Security, and a founding member of Open Cybersecurity Alliance (OCA)</li> <li>Tight integration with the X-Force threat intelligence platform</li> <li>IBM’s cognitive technologies that augment incident and risk analysis</li> <li>Breach Response module with industry-specific regulations</li> <li>Dynamic and adaptive playbooks</li> <li>A completely integrated platform covering all aspects of security analytics, automation, and response</li> </td></tr></table> <table class="challenges"><tr><td>Challenges</td><td> <li>Limited ITSM integration</li> <li>More integrations with 3rd-party sandboxes for analysis would be beneficial, but improvements are on the roadmap</li> </td></tr></table> <div><table class="leaderin"><tr><td>Leader in</td><td><img src="/assets/images/research/overallleader.svg" title="Overall Leader" ></td><td><img src="/assets/images/research/productleader.svg" title="Product Leader"></td><td><img src="/assets/images/research/innovationleader.svg" title="Innovation Leader"></td><td><img src="/assets/images/research/marketleader.svg" title="Market Leader"></td></tr></table></div> <h2 id="heading5.4">5.4 Logpoint – Logpoint SOAR</h2> <p>Logpoint is a multinational software company originally founded in 2003 in Copenhagen, Denmark. At present, the company has global presence with multiple offices across Europe, North America, and Asia. The company is notable for offering SIEM, UEBA, SOAR, and Business Critical Security (BCS) technologies converged into a complete platform that aims to detect threats, minimize false positives, autonomously prioritize risks, and respond to incidents. Its client base is mainly composed of mid-market and large enterprises in government, manufacturing, and healthcare industries.</p> <p>The platform can be deployed on-premises, SaaS, and as a service through MSSPs. SOAR is their latest product, it includes out-of-the-box integrations and open APIs. Logpoint SOAR is included at no extra charge in the SIEM license. The SIEM licensing is based on number of nodes. Logpoint SOAR integrates with SIEMs and security analytics tools such as Micro Focus ArcSight, Microsoft Azure Sentinel, Exabeam, FireEye Helix, Fortinet FortiSIEM, LogRhythm, IBM QRadar, Rapid7, Securonix, Splunk, and Sumo Logic.</p> <p>Logpoint is primarily a standalone, tightly integrated platform doing SIEM, SOAR, UEBA and BCS. It is not meant to serve as a SOAR add-on to an existing SIEM. However, it is possible to forward logs from the above SIEMs to Logpoint SIEM and enjoy all the Logpoint SOAR capabilities. Moreover, Logpoint also supports STIX, TAXII, and YARA.</p> <p>The Logpoint SIEM and SOAR Threat Intelligence application comes with a ready-to-use Threat Intel Analytics package that includes general-purpose vendor alerts, rules, and dashboards for threat intelligence. In addition, Logpoint is one of the few vendors with SAP-domain knowledge and services for MDR providers. With BCS for SAP, organizations can integrate complex SAP data into a centralized SIEM system while providing SOC analysts with monitoring and automation capabilities.</p> <p>The system allows generic user supplied scripts from customers allowing any protocol to be supported. Also, its native multi-tenant capabilities and support for distributed deployments make it especially appealing to large enterprises with complex requirements, as well as to MSSPs. The company's European roots are clearly visible in the solution's strong focus on privacy and data protection according to regulations like GDPR.</p> <p>In 2021, the company announced the acquisition of Tel Aviv-based SecBI, an important player in automated cyber threat detection and response. As a result of this acquisition, SecBI has enabled Logpoint to create a native SOAR that is available for all SIEM users without any additional cost. Logpoint’s agility and innovativeness make them a worthy choice for potential customers ranging from small businesses to large enterprises. Organizations looking for SOAR functionality, particularly those in Europe who are mindful about GDPR, should consider Logpoint for RFPs. Logpoint appears in the product and innovation leadership categories.</p> <div class="logospider"><div class="logo"><img src="https://www.kuppingercole.com/pics/lc80763_image24.png" alt="Logpoint" class="logo" /></div> <div class="spider"><img src="https://www.kuppingercole.com/pics/lc80763_image25.PNG" alt="Product capabilities" class="spiderchart" /></div></div> <table class="productrating"><tbody><tr><td class="title" rowspan="10">Ratings</td> <td><strong>Security</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Functionality</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Deployment</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Interoperability</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Usability</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> </tbody> </table> <p>Table 6: Logpoint’s rating</p> <table class="strengths"><tr><td>Strengths</td><td> <li>Integrated platform combining SIEM, SOAR, UEBA, and BCS technologies</li> <li>Strong incident response capabilities</li> <li>Focus on privacy and data protection (GDPR and PCI)</li> <li>A large selection of third-party integrations</li> <li>Comprehensive set of APIs</li> </td></tr></table> <table class="challenges"><tr><td>Challenges</td><td> <li>Limited market reach outside the EMEA region, but continuously expanding</li> <li>User interface does not support corporate look-and-feel customization</li> </td></tr></table> <div><table class="leaderin"><tr><td>Leader in</td><td><img src="/assets/images/research/overallleader.svg" title="Overall Leader" ></td><td><img src="/assets/images/research/productleader.svg" title="Product Leader"></td><td><img src="/assets/images/research/innovationleader.svg" title="Innovation Leader"></td><td><img src="/assets/images/research/marketleader.svg" title="Market Leader"style='opacity: 0.1;'></td></tr></table></div> <h2 id="heading5.5">5.5 ManageEngine – Log360</h2> <p>Headquartered in Pleasanton, California, USA with development and operations happening out of Chennai, India, ManageEngine provides over 180,000 customers around the world with over one hundred solutions for managing IT operations for endpoints, servers, networks, and the cloud, as well as security tools for desktops and mobile devices. ManageEngine is a division of privately held ZOHO, founded in 1996. ManageEngine also has products for IT Help Desk management, patch and vulnerability management, MDM, SIEM, PAM, and other areas of IT management and security.</p> <p>ManageEngine Log360 is not a single product, but a suite of multiple specialized tools integrated into a single management console. Log360 is available for on-premises, in the cloud as a SaaS-based SIEM (Log360 Cloud), and some components are available on AWS Marketplace and Azure Marketplace. Licensing is per server. Log360 also supports STIX, TAXII, and YARA.</p> <p>SOAR capabilities are built within Log360 and include security analytics, anomaly detection using ML algorithms, automated incident response workflows, visual workflow builder, etc. Moreover, Log360 allows users to customize the dashboard and the widgets displayed. This allows them to instantly view the network events they deem as important. Anomaly risk modelling is customizable as well. Log360 can also trigger alerts and tickets in ITSM systems.</p> <p>Log360 provides automated responses through incident workflows (playbooks), which lay out the sequence of steps to be taken following a security incident. In case indicators of compromise are detected, actions can automatically be taken to suspend or disable the user. Furthermore, Log360 allows users to build automated workflows using visual flowcharts from a set of actions available in the workflow menu. The platform can also interoperate with PAM solutions such as PAM360, which is an offering from ManageEngine.</p> <p>Since Log360 is a SIEM, it has limited connectors to other SIEMs. What Log360 lacks in certain functions compared to other SOAR specialists, it compensates with a broad range of additional (and extremely useful) security and compliance features, which are incorporated into a convenient unified management console with impressive out-of-the-box reporting capabilities.</p> <p>ManageEngine Log360 has both SIEM and SOAR in a single package. The company is focusing more on its cloud SIEM offering called Log360 Cloud which is currently in development. Organizations that are already ManageEngine and Zoho customers may find it easy to add SIEM and some SOAR functionality to their security portfolios.</p> <div class="logospider"><div class="logo"><img src="https://www.kuppingercole.com/pics/lc80763_image26.png" alt="ManageEngine" class="logo" /></div> <div class="spider"><img src="https://www.kuppingercole.com/pics/lc80763_image27.png" alt="Product capabilities" class="spiderchart" /></div></div> <table class="productrating"><tbody><tr><td class="title" rowspan="10">Ratings</td> <td><strong>Security</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Functionality</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Deployment</strong></td> <td><img src='/assets/images/research/3white.png' alt='Neutral' title='Neutral'></td> </tr> <tr> <td><strong>Interoperability</strong></td> <td><img src='/assets/images/research/3white.png' alt='Neutral' title='Neutral'></td> </tr> <tr> <td><strong>Usability</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> </tbody> </table> <p>Table 7: ManageEngine’s rating</p> <table class="strengths"><tr><td>Strengths</td><td> <li>Strong global partner ecosystem</li> <li>MFA options available</li> <li>Easy to deploy and customize</li> <li>Flexible licensing</li> <li>Complements SIEM features with EDR, DLP, SOAR capabilities</li> <li>Interoperability with PAM systems</li> </td></tr></table> <table class="challenges"><tr><td>Challenges</td><td> <li>No connectors for other SIEMs</li> <li>No support for enrichment of security data with identity information from IAM/IGA systems</li> <li>Cloud platform is still work in progress, has not yet reached feature parity with the on-prem solution</li> </td></tr></table> <h2 id="heading5.6">5.6 Microsoft – Sentinel</h2> <p>Microsoft, founded in 1975 and based in Redmond, USA, is a familiar figure in hardware and software, digital services, and cloud infrastructure businesses. The company is the world's largest software company and one of the top corporations by market capitalization. Microsoft Sentinel, previously known as Azure Sentinel, is a cloud-native SIEM and SOAR platform that delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response.</p> <p>Microsoft Sentinel customers are not charged extra for SOAR capabilities. The platform is a SaaS offering and utilizes the cloud economics model based on consumption of the service. Licensing is subscription based and pricing is based on volume of data ingested. The product started as a modern SIEM that helped customers scale out the number of alerts and amount of data into one single platform. Essentially, Sentinel is the place where all the data from all the devices and entities in the organization is ingested.</p> <p>SOAR capabilities are integrated natively with the SIEM, so incidents, automations and investigations happen where the data is. Sentinel automated workflows (playbooks) are based on Azure Logic Apps platform, which runs billions of actions for thousands of organizations. With 250+ available OOTB connectors, Sentinel playbooks can integrate with Azure services, as well as with 3rd-party ticketing systems, collaboration platforms, and custom APIs. Microsoft also supports STIX and TAXII.</p> <p>Furthermore, customers and partners can add more solutions, ingest data from any other SIEM platforms, as well as interact with and orchestrate any other 3rd-party security tool. Microsoft offers substantial freedom of customization for the platform, by allowing customers to integrate other Azure services, enabling advanced analytics and threat hunting, own machine learning models, custom automation, external threat intelligence, etc.</p> <p>Each organization has different requirements and needs when it comes to adopting a SOAR solution. However, Microsoft Sentinel has the scalability and performance to provide organizations with alert detection, threat visibility, proactive hunting, and threat response capabilities. The solution should be on the shortlist for any organization looking for robust enterprise SOAR services. Microsoft appears in the product and market leadership categories.</p> <div class="logospider"><div class="logo"><img src="https://www.kuppingercole.com/pics/lc80763_image28.png" alt="Microsoft" class="logo" /></div> <div class="spider"><img src="https://www.kuppingercole.com/pics/lc80763_image29.PNG" alt="Product capabilities" class="spiderchart" /></div></div> <table class="productrating"><tbody><tr><td class="title" rowspan="10">Ratings</td> <td><strong>Security</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Functionality</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Deployment</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Interoperability</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Usability</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> </tbody> </table> <p>Table 8: Microsoft’s rating</p> <table class="strengths"><tr><td>Strengths</td><td> <li>Massively scalable SaaS</li> <li>Strong global partner ecosystem</li> <li>No extra charges for SOAR capability</li> <li>SOAR capabilities are integrated natively with the SIEM</li> <li>Analyze big data with native Azure Synapse integration (for threat hunting)</li> <li>Integration with Microsoft 365 Defender</li> <li>Support for data residency regulations</li> </td></tr></table> <table class="challenges"><tr><td>Challenges</td><td> <li>Only available as a SaaS offering in the Azure cloud</li> <li>User interface does not support corporate look and feel customization</li> </td></tr></table> <div><table class="leaderin"><tr><td>Leader in</td><td><img src="/assets/images/research/overallleader.svg" title="Overall Leader" ></td><td><img src="/assets/images/research/productleader.svg" title="Product Leader"></td><td><img src="/assets/images/research/innovationleader.svg" title="Innovation Leader"style='opacity: 0.1;'></td><td><img src="/assets/images/research/marketleader.svg" title="Market Leader"></td></tr></table></div> <h2 id="heading5.7">5.7 Palo Alto Networks – Cortex XSOAR</h2> <p>Palo Alto Networks, founded in 2005 in Santa Clara, CA, was the pioneer in Next Generation Firewall (NGFW) technology, and is also a major player in the SOAR market after the acquisition of Demisto. Palo Alto also offers endpoint security, XDR, threat intelligence feeds, and other security products. XSOAR includes an engine that enables connecting cloud to on-prem, on-prem to cloud, and cloud to cloud. Customers can deploy multiple engines. Palo Alto hosts a managed service, and some MSSPs use their software for SOAR functions as well. XSOAR is licensed per admin/analyst user.</p> <p>XSOAR provides full multi-tenancy with complete data segregation between customers in a single deployment, as well as the option to scale the architecture horizontally by deploying multiple hosts, each carrying multiple tenants. Palo Alto’s multi-tenancy allows the master (MSSP) to view incidents across all tenants, deploy automation (playbooks, scripts, dashboards and more) to all tenants, or selectively to some tenants.</p> <p>The SOAR component integrates with many threat detection tools including EDRs, NTAs, NDRs, firewalls, and SIEMs such as Micro Focus ArcSight, Microsoft Azure Sentinel, Coralogix, Exabeam, FireEye Helix, Fortinet FortiSIEM, Logpoint, LogRhythm, McAfee, IBM QRadar, Rapid7, Securonix, Splunk, and Sumo Logic. Palo Alto supports CyBox, STIX, YARA, CSV, JSON, and TAXII feeds from other providers.</p> <p>Reports can be customized to suit the needs of the stakeholders. The report widget allows customers to build any type of report needed from the underlying data. They can add widgets, schedule report generation and distribution, add recipients, select incident time ranges, etc. XSOAR has an integrated threat intelligence management module, case management, IAM, NetOps, cloud security, IoT security and vulnerability management automation content packs, beyond SecOps use cases. The solution has its own mobile app which allows users to leverage SOAR capabilities anywhere. The app runs on both Android and iOS.</p> <p>Playbooks in XSOAR automate most responses. The solution uses several mechanisms (such as a pre-processing policy) that eliminate false positives, and de-duplicate and cluster events. In addition, users have the option to clone and edit 800+ out-of-the-box playbooks using a drag and drop visual editor. The company also provides 1,000+ scripts of common automation tasks that can serve as building blocks for playbooks. The platform supports sub-playbooks that can be nested and reused across multiple playbooks, allowing for complex workflows. The user can easily view the code and choose to code playbooks if preferred.</p> <p>The substantial number of connectors available, plus the ability to extend the platform, make Palo Alto’s XSOAR one of the dominant products on the market today. Palo Alto’s agility and scalability make them a worthy choice for mid-market organizations and large enterprises. Palo Alto appears on the product, market, and innovation leadership categories.</p> <div class="logospider"><div class="logo"><img src="https://www.kuppingercole.com/pics/lc80763_image30.png" alt="Palo Alto Networks" class="logo" /></div> <div class="spider"><img src="https://www.kuppingercole.com/pics/lc80763_image31.png" alt="Product capabilities" class="spiderchart" /></div></div> <table class="productrating"><tbody><tr><td class="title" rowspan="10">Ratings</td> <td><strong>Security</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Functionality</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Deployment</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Interoperability</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Usability</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> </tbody> </table> <p>Table 9: Palo Alto Networks’ rating</p> <table class="strengths"><tr><td>Strengths</td><td> <li>Extensive list of SIEMs and other 3rd-party security tools supported</li> <li>Platform available via mobile app for both iOS and Android platforms</li> <li>Established vendor with a long-standing presence in the market</li> <li>Global ecosystem and ability to scale for large enterprise deployments</li> <li>Ships with many configurable playbooks covering a wide variety of use cases</li> </td></tr></table> <table class="challenges"><tr><td>Challenges</td><td> <li>Missing some integrations for leading EU-based security tools</li> </td></tr></table> <div><table class="leaderin"><tr><td>Leader in</td><td><img src="/assets/images/research/overallleader.svg" title="Overall Leader" ></td><td><img src="/assets/images/research/productleader.svg" title="Product Leader"></td><td><img src="/assets/images/research/innovationleader.svg" title="Innovation Leader"></td><td><img src="/assets/images/research/marketleader.svg" title="Market Leader"></td></tr></table></div> <h2 id="heading5.8">5.8 Rapid7 – InsightConnect</h2> <p>Founded in 2000 and headquartered in Boston, Rapid7 originated as a vulnerability management solution provider. Currently, the company offers a broad range of cybersecurity products and services, with most of its portfolio built upon the unified, cloud-native Insight platform. These include but are not limited to vulnerability management, application and cloud security, SIEM/XDR, threat detection and response, threat intelligence, security orchestration and automation and related managed services. The company is focused on North America, but with a growing number of customers in the EMEA and APAC regions.</p> <p>Rapid7 Insight Platform delivers a security operations platform with a portfolio of products. It includes cloud security (InsightCloudSec), application security (Insight AppSec), vulnerability management (InsightVM), orchestration and automation (InsightConnect), threat intelligence (Threat Command), and XDR and SIEM (InsightIDR). InsightConnect licensing is based on a per time period subscription (generally 1-3 years) and is primarily based on a percentage of other Rapid7 products in use, is included in multiple product combination packages (which themselves are node based), and also has a per-user pricing that is used in situations when no other Rapid7 product is in use. The Insight Platform can be consumed as a cloud service as well as via select MSSPs, and as the detection, investigation, and response layer in Rapid7’s own Managed Detection &amp; Response service.</p> <p>SOAR capabilities are delivered through two methods: via embedded and integrated capabilities with their other Insight Platform solutions - such as InsightIDR and InsightVM can also be delivered as a standalone SOAR solution. In both scenarios it can be used to implement and automate use cases that both extend the Rapid7 platform and to interoperate with 3rd-party IT and security products. Some common use cases when implementing the Rapid7 SOAR include detection and response (collecting data within the environment, enriching and prioritizing alerts into more actionable alerts, and implementing automation features and decision steps on top of those actionable alerts), automation and orchestration for SIEM and XDR tools (in particular Rapid7 InsightIDR), alert enrichment and validation (automatically gather context for analysts to make a rapid decision), network, user, and endpoint containment (reduce or quarantine the spread of a potential malicious event within the environment), and vulnerability management related automations (identifying, evaluating, mitigating, and reporting on security vulnerabilities) as well as ITSM ticketing as appropriate for all the above. In addition, STIX support is provided at the InsightDR level.</p> <p>InsightConnect offers over 200 off-the-shelf automation workflows that can be imported and used with no custom development required. For users interested in building or customizing their own automation workflows, InsightConnect's no-code workflow builder allows users to build, test, and run custom automation workflows with a graphical user interface. Playbooks are edited with a visual workflow builder. Prebuilt templates can also be easily imported and edited to suit a customer's unique process. Moreover, the platform uses regular code reviews and 3rd-party vulnerability scanning tools to identify issues. Patches are applied using automated and manual patch management tools and processes.</p> <p>With the Rapid7's Insight Platform, customers are able to combine multiple security solutions according to their needs and requirements. InsightConnect is an excellent choice for customers who need cloud-native automation with no on-premises components. For smaller customers experiencing skill shortages, Rapid7 offers several managed security services as well.</p> <div class="logospider"><div class="logo"><img src="https://www.kuppingercole.com/pics/lc80763_image32.png" alt="Rapid7" class="logo" /></div> <div class="spider"><img src="https://www.kuppingercole.com/pics/lc80763_image33.png" alt="Product capabilities" class="spiderchart" /></div></div> <table class="productrating"><tbody><tr><td class="title" rowspan="10">Ratings</td> <td><strong>Security</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Functionality</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Deployment</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Interoperability</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Usability</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> </tbody> </table> <p>Table 10: Rapid7’s rating</p> <table class="strengths"><tr><td>Strengths</td><td> <li>MFA for admins and analysts</li> <li>Excellent vulnerability management capabilities</li> <li>Vast library of integrations and workflows</li> <li>Integrated platform combining threat intelligence, SIEM/XDR, orchestration, and automation capabilities</li> <li>Integrations with InsightIDR and InsightVM enable a wide variety of use cases</li> </td></tr></table> <table class="challenges"><tr><td>Challenges</td><td> <li>TAXII not supported</li> <li>Missing integrations with EU cybersecurity products</li> <li>Complex licensing scheme</li> </td></tr></table> <h2 id="heading5.9">5.9 Securaa – Securaa</h2> <p>Securaa was founded in 2018 and its headquarters are in Bangaluru, India. Securaa is a SOAR platform that enhances SOC’s capabilities with automation, threat enrichment, and real-time visibility and control. Despite being a young and small vendor, Securaa is fully multi-tenant and built on a container-based microservices architecture. The platform is completely modular, and components can be deployed across hybrid environments. Their customer base is primarily located in the APAC region, but with growing presence in the Middle East and North America. The solution is deployable on-prem, in IaaS, and SaaS.</p> <p>The platform includes Securaa’s Threat Intelligence Platform (TIP) which correlates indicators of compromise and Securaa’s Asset and Vulnerability Intelligence Platform (AVIP) which provides a proactive approach to cyber asset and controls management. The two platforms are fully integrated as well as available as a modular product. Subscriptions are per-user and fixed cost options are also available.</p> <p>Securaa is a no-code platform. The platform provides a visual workflow editor for analysts to build or modify playbooks. Playbooks are out of the box for most common use-cases like C2C, phishing, malware analysis, etc. It also includes manual, semi-automated, and fully automated execution of playbooks for orchestration and response automation (500+ automated tasks and 100+ ready-to-use playbooks).</p> <p>Securaa is a very configurable platform, from dashboards to widgets, to reports, and to case management. The platform is packed with a lot of configurable capabilities through which customization can be done in an agile manner. Custom layouts can be built for each incident category and menu options can be restricted based on role-based access control. For case management, the platform captures case data, enrichment from Securaa SecBot, link analysis, etc. It also allows collaboration between analysts and can be used for audits.</p> <p>Furthermore, the platform integrates with SIEMs and security analytics tools such as Elastic, Micro Focus ArcSight, Microsoft Azure Sentinel, LogRhythm, McAfee, IBM QRadar, Rapid7, RSA Netwitness, Securonix, Splunk, and Sumo Logic. Securaa also supports STIX and TAXII.</p> <p>Securaa is one of the few SOAR platforms that has a AVIP (Asset and Vulnerability Intelligence Platform) along with a Threat Intelligence Platform which empowers security teams to get all the internal context around assets, vulnerabilities, exploits and business impact. Securaa positions itself as an alternative to the established offerings, which should be of interest to organizations in the APAC region. However, being a rather small vendor, Securaa has a still relatively small global partner ecosystem. On the other hand, the company provides a modern solution that fits well to the requirements of a SOAR solution.</p> <div class="logospider"><div class="logo"><img src="https://www.kuppingercole.com/pics/lc80763_image34.jpg" alt="Securaa" class="logo" /></div> <div class="spider"><img src="https://www.kuppingercole.com/pics/lc80763_image35.png" alt="Product capabilities" class="spiderchart" /></div></div> <table class="productrating"><tbody><tr><td class="title" rowspan="10">Ratings</td> <td><strong>Security</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Functionality</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Deployment</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Interoperability</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Usability</strong></td> <td><img src='/assets/images/research/3white.png' alt='Neutral' title='Neutral'></td> </tr> </tbody> </table> <p>Table 11: Securaa’s rating</p> <table class="strengths"><tr><td>Strengths</td><td> <li>SOAR specialist</li> <li>Modern, modular architecture</li> <li>Flexible deployment options</li> <li>Strong orchestration and automation capabilities</li> <li>AVIP provides a proactive approach to cyber asset and controls management</li> <li>Blending SOAR, TIP and AVIP in a no-code framework</li> </td></tr></table> <table class="challenges"><tr><td>Challenges</td><td> <li>Small but growing global partner ecosystem</li> <li>Security certifications and standards in progress</li> <li>More integrations with ITSM systems would be beneficial</li> </td></tr></table> <p>Processes and workflows are not automatically updated whenever regulations change, but improvements are on the roadmap</p> <h2 id="heading5.10">5.10 ServiceNow – Security Incident Response (SIR)</h2> <p>ServiceNow, founded in 2004 and headquartered in Santa Clara, is a large IT management, operations, and business management software vendor. They also have products in the IT security, asset management, GRC, and DevOps areas, providing solutions for both employee and customer facing enterprises. Their SOAR offering can be deployed on-premises, private cloud, public cloud, and as a service through MSSPs. ServiceNow has a strong presence in North America, but with growing customers in the EMEA and APAC regions. The solution is licensed per user.</p> <p>ServiceNow integrates with SIEMs and security analytics tools such as Micro Focus ArcSight, Microsoft Azure Sentinel, LogRhythm, McAfee, IBM QRadar, Rapid7, Securonix, Splunk, Sumo Logic and many more. The integrations above are for out of box configurations, however, using ServiceNow Platform's REST API, any external system can submit security incident records for investigation. Additionally, with the IntegrationHub feature bidirectional integrations with any SIEM can be built.</p> <p>The IntegrationHub is a companion feature, which makes it easier to create integrations. Among other things, this capability enables customers to build orchestration capabilities with numerous third-party systems in a no-code/low-code fashion and integrate any sandbox with a modern API. Integrations with IaaS/PaaS solutions are also available on the ServiceNow store.</p> <p>Their Flow Designer is a visual interface for creating and managing workflows. It is a visual workflow designer with a drag and drop interface which also supports the creation of re-usable sub-flows. It enables mature playbook designs and customized actions that can be added into forms for specific actions. Workflow automation is a focus and core strength for ServiceNow across all product lines.</p> <p>The Security Incident Response Platform is aligned with MITRE ATT&amp;CK. The company has an innovative SOAR system management application for mobile devices which includes iOS, Android, and BlackBerry devices. Moreover, ServiceNow supports SAML federation and JWT, Key Exchange, and OAuth2 authentication. The company also supports CyBox, STIX, and TAXII.</p> <p>ServiceNow is quite scalable and has excellent case management features. It has built out integrations with many diverse sets of threat intelligence for enrichment. Furthermore, the platform integrates with Data Loss Prevention (DLP) products to facilitate automation and remediation workflows. Organizations who use ServiceNow for ITSM or other functions may find it easy to gain SOAR functionality by adding Security Incident Response. ServiceNow is continuously adding more integrations and innovative features to its platform. The company appears in the product, market, and innovation leadership categories.</p> <div class="logospider"><div class="logo"><img src="https://www.kuppingercole.com/pics/lc80763_image36.png" alt="ServiceNow" class="logo" /></div> <div class="spider"><img src="https://www.kuppingercole.com/pics/lc80763_image37.png" alt="Product capabilities" class="spiderchart" /></div></div> <table class="productrating"><tbody><tr><td class="title" rowspan="10">Ratings</td> <td><strong>Security</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Functionality</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Deployment</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Interoperability</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Usability</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> </tbody> </table> <p>Table 12: ServiceNow’s rating</p> <table class="strengths"><tr><td>Strengths</td><td> <li>Excellent case management features</li> <li>IntegrationHub allows a large variety of integrations</li> <li>Strong and mature reporting capabilities</li> <li>SOAR system management application for mobile devices</li> <li>Has obtained multiple relevant security and compliance certifications</li> </td></tr></table> <table class="challenges"><tr><td>Challenges</td><td> <li>Customer presence is still primarily focused in North America</li> <li>Missing integrations with EU-based cybersecurity vendor products</li> <li>Limited integration with 3rd-party ITSMs</li> </td></tr></table> <div><table class="leaderin"><tr><td>Leader in</td><td><img src="/assets/images/research/overallleader.svg" title="Overall Leader" ></td><td><img src="/assets/images/research/productleader.svg" title="Product Leader"></td><td><img src="/assets/images/research/innovationleader.svg" title="Innovation Leader"></td><td><img src="/assets/images/research/marketleader.svg" title="Market Leader"></td></tr></table></div> <h2 id="heading5.11">5.11 Splunk – Splunk SOAR</h2> <p>Splunk was founded in 2003 and is headquartered in San Francisco, California. Since then, the company has been producing solutions for searching, monitoring, and analyzing many kinds of machine-generated data. With its worldwide market presence and a strong global partner ecosystem, Splunk is often considered a de facto standard for operational analytics and intelligence solutions. Splunkbase includes over 2,800 apps, 70+ intel integrations, 375+ SOAR integrations that support multiple security operations actions, and high-value security integrations with over 2,500 partners. Two major licensing paradigms are available: per-user or per-Virtual Compute.</p> <p>Splunk SOAR is offered as a standalone product with the ability to integrate with other Splunk products. Splunk SOAR integrates with Splunk Enterprise Security to provide a seamless and intuitive SecOps platform to prevent, detect and respond to advanced and emerging threats. The solution supports hybrid and multi-cloud environments. It can also support cloud, on-premises, and hybrid deployments. Splunk SOAR integrates with SIEMs and security analytics tools such as Micro Focus ArcSight, Exabeam, FireEye Helix, Fortinet FortiSIEM, LogRhythm, IBM QRadar, Rapid7, Splunk, and Sumo Logic. Splunk supports CyBox, STIX, and TAXII.</p> <p>The Splunk Enterprise Platform includes streaming, machine learning, search and visualization, collaboration and orchestration, and scalable index. Splunk SOAR comes with one hundred pre-made playbooks out of the box. Splunk SOAR integrates across 350+ third-party tools and supports over 3,000+ different automatable actions. Moreover, playbooks can be edited via visual flow-chart within their Visual Playbook Editor, where users apply coding and copy from templates.</p> <p>SOAR’s visual playbook editor makes it easy to create, edit, implement, and scale automated playbooks to help your team eliminate security analyst grunt work, and respond to security incidents at machine speed. In addition, Splunk SOAR’s orchestration, automation, response, collaboration, and case management capabilities are also available from mobile devices. For Case Management, the solution includes the use of playbooks to automate response tasks to force multiply team efforts, execute automated response tasks in a short time, and support decision making, evidence capture and improve overall response performance.</p> <p>Splunk SOAR apps provide a mechanism to extend Splunk SOAR by adding connectivity to third party security technologies in order to run actions. Not only does Splunk have more connectors to third- party apps than competitors, but they also test all the apps. In addition to testing all the apps, the company has open-sourced the connectors on GitHub which drives more quality and community contributions as a result.</p> <p>The ability to scale the platform makes Splunk’s SOAR an excellent choice for mid-market and large enterprises. Organizations looking to get started on a SOAR journey should consider Splunk's products and services. Splunk appears on the product and market leadership categories.</p> <div class="logospider"><div class="logo"><img src="https://www.kuppingercole.com/pics/lc80763_image38.png" alt="Splunk" class="logo" /></div> <div class="spider"><img src="https://www.kuppingercole.com/pics/lc80763_image39.png" alt="Product capabilities" class="spiderchart" /></div></div> <table class="productrating"><tbody><tr><td class="title" rowspan="10">Ratings</td> <td><strong>Security</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Functionality</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Deployment</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Interoperability</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Usability</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> </tbody> </table> <p>Table 13: Splunk’s rating</p> <table class="strengths"><tr><td>Strengths</td><td> <li>Strong global partner ecosystem</li> <li>Intuitive analyst interface</li> <li>Large number of apps and integrations available</li> <li>Modern visual playbook editor</li> <li>Splunk’s SOAR capabilities are also available from mobile devices</li> </td></tr></table> <table class="challenges"><tr><td>Challenges</td><td> <li>More MFA options for admins and analysts would be helpful</li> <li>MITRE ATTACK mapping is not available in the SOAR standalone</li> </td></tr></table> <div><table class="leaderin"><tr><td>Leader in</td><td><img src="/assets/images/research/overallleader.svg" title="Overall Leader" ></td><td><img src="/assets/images/research/productleader.svg" title="Product Leader"></td><td><img src="/assets/images/research/innovationleader.svg" title="Innovation Leader"style='opacity: 0.1;'></td><td><img src="/assets/images/research/marketleader.svg" title="Market Leader"></td></tr></table></div> <h2 id="heading5.12">5.12 Sumo Logic – Sumo Logic Cloud SOAR</h2> <p>Sumo Logic is a cloud-native data analytics company based in Redwood City, California, USA. Founded in 2010, the company focuses on developing and operating an elastic cloud platform for collecting and analyzing enterprise log data. Sumo Logic offers a range of operational, security, and business intelligence solutions that are entirely cloud-based and low maintenance. The company has a strong presence in North America and the EMEA region.</p> <p>Cloud SOAR is part of the overall Sumo Logic platform. Sumo Logic’s Cloud SOAR takes a proactive approach toward alert investigation, collecting security data and alert information from various sources, including SIEM. It leverages machine learning to significantly reduce false positives and duplicate events. Licensing is per user. However, licensing for MSSP customers varies from the standard user model to license per tenant instance. The company's Cloud SIEM solution is, as the name implies, an entirely cloud-based SaaS offering with on-premises components and offered as a service by MSSPs.</p> <p>In 2019, the company acquired JASK Labs Inc. The acquisition brings together Sumo Logic’s Continuous Intelligence Platform, including its pioneering cloud SIEM and security compliance solutions, with JASK’s ASOC offering to deliver a leading cloud-native security intelligence solution built for today’s digital businesses that leverage modern applications, architectures, and multi-cloud infrastructures. In 2021, Sumo Logic acquired DFLabs, a SOAR specialist vendor headquartered in Italy.</p> <p>One of the main differentiators is the fact that the company is investing in the Open Integration Framework (OIF). The OIF is an integration framework created to make it easier for organizations to connect disparate security tools for a more seamless security remediation workflow. OIF changes the way integrations are being utilized within a platform, allowing users to easily integrate with third-party technologies, develop external connectors and trigger various automated actions. It provides integration flexibility by allowing developers to extend integrations, modify action parameters, personalize action results, create custom table views, etc.</p> <p>Furthermore, the OIF feature allows daemons to be customized and adjusted according to the needs of the user. Daemons are also used to leverage the automation capabilities. The most common daemons are the ones that are instructed to take care of verifying the content of a mailbox, retrieving new threat feeds from external repositories, and analyzing databases external to Cloud SOAR. Different rules apply to different time frames in which daemons are launched and these can be adjusted to align with customer’s needs.</p> <p>Cloud SOAR performs automatic analysis, creates incidents, and allows security event data export. Security analysts can see all the information generated by the playbooks and other analysts’ actions. There is also the possibility to nest an existing playbook inside another playbook and to connect multiple playbooks into a master playbook.</p> <p>Sumo Logic’s Cloud SOAR offers an entirely cloud-based and low maintenance solution with flexible pricing. It should be of interest to organizations within the EMEA region and North America.</p> <div class="logospider"><div class="logo"><img src="https://www.kuppingercole.com/pics/lc80763_image40.png" alt="Sumo Logic" class="logo" /></div> <div class="spider"><img src="https://www.kuppingercole.com/pics/lc80763_image41.png" alt="Product capabilities" class="spiderchart" /></div></div> <table class="productrating"><tbody><tr><td class="title" rowspan="10">Ratings</td> <td><strong>Security</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Functionality</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Deployment</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Interoperability</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Usability</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> </tbody> </table> <p>Table 14: Sumo Logic’s rating</p> <table class="strengths"><tr><td>Strengths</td><td> <li>Global partner ecosystem</li> <li>Straightforward licensing</li> <li>Open Integration Framework allows implementation of new technologies</li> <li>Strong threat intelligence capabilities</li> <li>Flexible deployment options based on customer’s needs</li> </td></tr></table> <table class="challenges"><tr><td>Challenges</td><td> <li>More MFA options for admins and analysts would be helpful</li> <li>Additional out-of-the-box telemetry connectors would be beneficial, but the OIF offers some flexibility</li> </td></tr></table> <div><table class="leaderin"><tr><td>Leader in</td><td><img src="/assets/images/research/overallleader.svg" title="Overall Leader" style='opacity: 0.1;'></td><td><img src="/assets/images/research/productleader.svg" title="Product Leader"></td><td><img src="/assets/images/research/innovationleader.svg" title="Innovation Leader"style='opacity: 0.1;'></td><td><img src="/assets/images/research/marketleader.svg" title="Market Leader"style='opacity: 0.1;'></td></tr></table></div> <h2 id="heading5.13">5.13 Swimlane – Swimlane Turbine</h2> <p>Swimlane is a low-code SOAR specialist that was launched in 2014 and headquartered in Boulder, Colorado. The company has regional offices in London, Sydney, Dubai, and Kuala Lumpur. Coverage has been primarily focused on North America, but is now growing across Europe, APAC, the Middle East, Turkey, and Africa (META). Swimlane Turbine is reportedly favored by government agencies, large enterprises, and service providers for its fully multitenant architecture and the ability to accommodate extremely high event throughputs. Swimlane is licensed on a per-user basis.</p> <p>The Swimlane platform has been delivering low-code security automation and SOAR solutions to the market since 2017. Swimlane Turbine is a more recent breakthrough in low-code security automation that captures hard-to-reach telemetry and expands actionability to the typically closed extended detection and response (XDR) ecosystem.</p> <p>The Swimlane platform is built to integrate with any API, so virtually any integration that a customer requires is an option. The company offers customers on-demand integrations at no additional costs, so the business applications they support are constantly changing. The platform integrates with SIEMs and security analytics tools such as Micro Focus ArcSight, Microsoft Azure Sentinel, Exabeam, FireEye Helix, Fortinet FortiSIEM, Logpoint, LogRhythm, McAfee, IBM QRadar, Rapid7, Securonix, Splunk, and Sumo Logic. The platform also integrates with popular endpoint security tools from SentinelOne, CrowdStrike, VMware and more. Swimlane also supports CyBox, STIX, TAXII, and YARA. More recent integrations include those for securing OT/IoT environments with the likes of Nozomi Networks and Dataminr.</p> <p>Turbine’s Autonomous Integrations extend visibility and response to closed XDR ecosystems. This technology enables security teams to connect siloed technologies like cloud, IoT, and edge computing. Moreover, Turbine’s Adaptable Playbooks make it easy to build modular, repeatable automations that are flexible enough to align to any security priorities or established business processes.</p> <p>In addition, the platform provides robust CISO-level dashboards and real-time reporting, compliance and audit reporting, and powerful case management for incident response and investigation workflows. Swimlane’s reporting and dashboards are also adaptable. It conforms to how different organizations work, the processes they track, how they report, their compliance or regulatory requirements, internal intricacies, and risk management practices. This provides customers with autonomy and control over their system which may be more difficult with less adaptable solutions.</p> <p>Swimlane and its innovative capabilities provide a suitable alternative for customers in complex and highly regulated industries. Organizations looking for configurable low-code playbooks and autonomous integrations should consider Swimlane Turbine. While Swimlane already has a sizeable number of customers, obtaining more security certifications will appeal to customers in certain regulated industries and others that have strict security requirements. The company appears in the product leadership category.</p> <div class="logospider"><div class="logo"><img src="https://www.kuppingercole.com/pics/lc80763_image43.png" alt="Swimlane" class="logo" /></div> <div class="spider"><img src="https://www.kuppingercole.com/pics/lc80763_image44.PNG" alt="Product capabilities" class="spiderchart" /></div></div> <table class="productrating"><tbody><tr><td class="title" rowspan="10">Ratings</td> <td><strong>Security</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Functionality</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Deployment</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Interoperability</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Usability</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> </tbody> </table> <p>Table 15: Swimlane’s rating</p> <table class="strengths"><tr><td>Strengths</td><td> <li>Modern low-code architecture</li> <li>MFA for admins and analysts</li> <li>Powerful case management with many connectors for ITSM solutions</li> <li>Extensive list of threat intel sources</li> <li>Scales well for large enterprises in highly regulated industries</li> <li>Adaptable playbooks covering a wide variety of use cases</li> </td></tr></table> <table class="challenges"><tr><td>Challenges</td><td> <li>More security certifications and compliance standards would be beneficial</li> <li>API versioning not currently supported, but improvements are on the roadmap</li> </td></tr></table> <div><table class="leaderin"><tr><td>Leader in</td><td><img src="/assets/images/research/overallleader.svg" title="Overall Leader" ></td><td><img src="/assets/images/research/productleader.svg" title="Product Leader"></td><td><img src="/assets/images/research/innovationleader.svg" title="Innovation Leader"style='opacity: 0.1;'></td><td><img src="/assets/images/research/marketleader.svg" title="Market Leader"style='opacity: 0.1;'></td></tr></table></div> <h2 id="heading5.14">5.14 ThreatQuotient – ThreatQ Platform</h2> <p>Founded in 2013, ThreatQuotient is a threat intelligence and SOAR specialist headquartered in Ashburn, Virginia. In the early days, ThreatQuotient focused on threat intelligence management and called its platform a security operations platform. In addition to the base platform, use case specific modules are available. These include ThreatQ TDR Orchestrator, ThreatQ Investigations, and ThreatQ Data Exchange. Licensing is based on data size, number of users and modules enabled. Coverage includes North and South America, Europe, Middle East / North Africa (MENA), and APAC regions.</p> <p>The platform includes a Threat Library where all the data resides. It enables dynamic scoring and smart collections, provides context for automatic scoring and prioritization, and automatically aggregates and normalizes data. In addition, the platform offers a DataLinq Engine. This feature allows the platform to ingest a wide variety of information from multiple sources (external and internal) to identify bits of data that could be relevant inside those existing sources and in between those existing data sources. The engine normalizes data which allows it to do correlation and prioritize information. Once information is prioritized, the engine can deliver a result of more actions that can be taken automatically with higher confidence.</p> <p>The platform consumes information using the DataLinq engine and stores it in the Threat Library. The data is presented alongside a series of relations including courses of action, tasks, and related Threat Intelligence. The platform also includes the ThreatQ Data Exchange which enables and manages intel collaboration across organizations or multiple organizations of any size and complexity. ThreatQ Data Exchange makes it simple to set up bidirectional sharing of any intelligence data within the ThreatQ platform and scale sharing across many teams and organizations of all sizes.</p> <p>Built on the foundation of ThreatQuotient’s support for open intelligence sharing standards, the solution is designed for customization and collaboration. This means individual teams can operate according to their specific needs and collaborate with partners without limiting the breadth of data they want to share or leaking data they want to keep private.</p> <p>Furthermore, ThreatQuotient has prioritized the development of ThreatQ TDR Orchestrator to help organizations enable more efficient and effective operations. Through a data-driven approach, ThreatQ TDR Orchestrator looks to simplify the complexity of process-driven playbooks and accelerate threat detection and response across disparate systems and sources. Innovations including Automation Packs, Atomic Automation, and a ‘no code’ interface further simplify the platform. ThreatQ has many integrations with security tools including EDR, NDR, Cloud, SIEM, IAM that allow both manual and automated workflows.</p> <p>ThreatQuotient supports many standard data formats including CyBox, STIX, TAXII, and YARA. The ThreatQ platform supports a good variety of integrations and offers good scalability. The company should be on the shortlist for organizations looking for a flexible and data-driven approach. ThreatQ appears in the product leadership category.</p> <div class="logospider"><div class="logo"><img src="https://www.kuppingercole.com/pics/lc80763_image45.png" alt="ThreatQuotient" class="logo" /></div> <div class="spider"><img src="https://www.kuppingercole.com/pics/lc80763_image46.png" alt="Product capabilities" class="spiderchart" /></div></div> <table class="productrating"><tbody><tr><td class="title" rowspan="10">Ratings</td> <td><strong>Security</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Functionality</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Deployment</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> <tr> <td><strong>Interoperability</strong></td> <td><img src='/assets/images/research/5white.png' alt='Strong positive' title='Strong positive'></td> </tr> <tr> <td><strong>Usability</strong></td> <td><img src='/assets/images/research/4white.png' alt='Positive' title='Positive'></td> </tr> </tbody> </table> <p>Table 16: ThreatQuotient’s rating</p> <table class="strengths"><tr><td>Strengths</td><td> <li>MFA options available</li> <li>Strong orchestration capabilities</li> <li>DataLinq Engine allows ingestion from multiple sources</li> <li>ThreatQ Data Exchange facilitates collaboration across organizations</li> <li>Dynamic scoring is UI-based and can easily be configured</li> </td></tr></table> <table class="challenges"><tr><td>Challenges</td><td> <li>More complicated licensing options</li> <li>Supporting multi-tenancy would be beneficial, but the platform can achieve comparable outcomes by leveraging ThreatQ Data Exchange.</li> </td></tr></table> <div><table class="leaderin"><tr><td>Leader in</td><td><img src="/assets/images/research/overallleader.svg" title="Overall Leader" style='opacity: 0.1;'></td><td><img src="/assets/images/research/productleader.svg" title="Product Leader"></td><td><img src="/assets/images/research/innovationleader.svg" title="Innovation Leader"style='opacity: 0.1;'></td><td><img src="/assets/images/research/marketleader.svg" title="Market Leader"style='opacity: 0.1;'></td></tr></table></div> <h1 id="heading6">6 Vendors to Watch</h1> <p>Besides the vendors covered in detail in this document, we observe some other vendors in the market that readers should be aware of. These vendors may not fully fit the market definition but offer a significant contribution to the market space. This may be for their supportive capabilities to the solutions reviewed in this document, for their unique methods of addressing the challenges of this segment or may be a fast-growing start-up that may be a strong competitor in the future.</p> <p><strong>Analyst1</strong> – Analyst1 was founded in 2012 and it’s headquartered in Washington DC. The company offers a platform that includes threat intelligence, threat detection and response, and SOAR features.</p> <p>Why worth watching: The solution automates the creation of threat actor and malware profiles while providing contextual and actionable insights from multiple data sources. It also identifies an organization’s assets and systems with vulnerabilities known to be exploited by adversaries.</p> <p><strong>CrowdStrike</strong> – CrowdStrike was founded in the Bay Area in 2011 as a cloud-native endpoint protection platform. CrowdStrike has expanded their product offerings beyond EDR and has acquired several security specialist firms in recent years.</p> <p>Why worth watching: The Falcon Fusion SOAR platform leverages CrowdStrike’s Security Cloud which facilitates visibility into endpoints, identities, and applications across IaaS, PaaS, and SaaS environments. The platform also uses conditional branching and sequence logic features to increase flexibility and build workflows with any set of conditions.</p> <p><strong>Elastic –</strong> The company was founded in 2012 and it is headquartered in Mountain View, California. Elastic makes data usable in real time and at scale for enterprise search, observability, and security. Elastic Security combines SIEM, SOAR, endpoint security, and threat hunting functions with the existing collection, search, and visualization capabilities of the core platform, all under a single license.</p> <p>Why worth watching: The solution extends orchestration and automation capabilities by linking <a href="https://www.elastic.co/security" target="_blank">Elastic Security</a> with your system of choice. The solution is open and transparent, offering numerous partners and integrations.</p> <p><strong>Exabeam</strong> – Exabeam was founded in 2013 in Silicon Valley. Exabeam offers a fully integrated security analytics management platform, which encompasses UBA, next-gen SIEM, threat intelligence, as well as SOAR.</p> <p>Why worth watching: Exabeam Incident Responder and Exabeam Threat Hunter are two essential components that provide a full SOAR functionality. In addition, Exabeam has a wide range of connectors for various data sources and security tools, enabling deep integration and automated responses.</p> <p><strong>LogRhythm</strong> – LogRhythm is an information security company based in Boulder, Colorado and founded in 2003. Currently, the company offers a broad portfolio of security solutions beyond log management, including SIEM, UEBA, SOAR, as well as NDR and XDR products.</p> <p>Why worth watching: LogRhythm provides a unified security intelligence platform combining next-generation SIEM, log management, network and endpoint monitoring and forensics with full threat lifecycle management and response orchestration.</p> <p><strong>Logsign</strong> – The company was founded in 2010 and has offices in the Netherlands, Turkey, and USA. The primary products are Logsign Next-Gen SIEM and Logsign SOAR.</p> <p>Why worth watching: For Logsign SOAR, playbooks are enacted by &quot;bots&quot;, including separate bots for investigations, analysis tasks, response, and remediation actions. This allows Logsign playbooks to process multiple activity streams in parallel rather than only sequentially.</p> <p><strong>MicroFocus</strong> – Founded in 1976, Micro Focus is a British multinational software company headquartered in Newbury, UK. The company is one of the world's largest enterprise software providers and offers mission-critical technology and consulting services to thousands of customers. MicroFocus acquired ATAR, a SOAR specialist, in 2020.</p> <p>Why worth watching: The ArcSight ESM product is a next-generation SIEM solution which includes real-time detection, scalable event monitoring, threat intelligence feeds, and ArcSight’s native SOAR. With ArcSight ESM, threat data is aggregated, normalized, and enriched for greater threat visibility. MicroFocus SOAR will be covered in future reports.</p> <p><strong>Securonix</strong> – Securonix was formed in 2008 and is headquartered in Addison, Texas. The Securonix Security Operations and Analytics Platform provides security analytics technology for collecting, analyzing, and visualizing a wide range of business and security information and converting it into actionable intelligence.</p> <p>Why worth watching: Their security analytics platform includes Data Lake, NDR (NTA), SIEM, UBA, and XDR. Securonix SOAR integrates with these components.</p> <p><strong>SIRP</strong> – SIRP is a start-up founded in 2017 and based in London. SIRP is a risk-based SOAR platform that combines security orchestration, playbook automation and case management capabilities to optimize processes for threat response and vulnerability management. The platform applies risk scoring and context to accelerate investigation and incident response.</p> <p>Why worth watching: Their presence in the Middle East, both in terms of customers and sales target, is a plus for that region and for their own growth potential. Organizations that prefer a cost-effective and user-friendly SOAR solution for their mid-market and enterprise security needs should consider SIRP.</p> <h1 id="heading7">7 Related Research</h1> <p><a href="https://www.kuppingercole.com/research/lc80016/security-orchestration-automation-and-response-soar" target="_blank">Leadership Compass SOAR 2020</a> <a href="https://www.kuppingercole.com/research/bc80756/security-orchestration-automation-and-response-soar" target="_blank">Buyer's Compass SOAR</a> <a href="https://www.kuppingercole.com/research/lb80008/find-your-route-from-siem-to-sip-and-soar" target="_blank">Leadership Brief Find Your Route from SIEM to SIP to SOAR</a><br /> <a href="https://www.kuppingercole.com/research/mc80760/security-operations-center-as-a-service-socaas" target="_blank">Leadership Compass Security Operations Center as a Service</a><br /> <a href="https://www.kuppingercole.com/research/lc80473/intelligent-siem-platforms" target="_blank">Leadership Compass Intelligent SIEM Platforms</a><br /> <a href="https://www.kuppingercole.com/research/bc80795/security-operations-center-as-a-service-socaas" target="_blank">Buyer’s Compass Security Operations Center as a Service</a><br /> <a href="https://www.kuppingercole.com/research/ev80536/palo-alto-networks-xsoar" target="_blank">Executive View Palo Alto XSOAR</a><br /> <a href="https://www.kuppingercole.com/research/ev80141/manageengine-log360" target="_blank">Executive View ManageEngine Log360</a><br /> <a href="https://www.kuppingercole.com/research/ab72551/architecting-your-security-operations-centre" target="_blank">Advisory Note Architecting Your Security Operations Center</a></p> <h1 id="heading8">8 Methodology</h1> <h2 id="heading8.1">8.1 About KuppingerCole's Leadership Compass</h2> <p>KuppingerCole Leadership Compass is a tool which provides an overview of a particular IT market segment and identifies the leaders within that market segment. It is the compass which assists you in identifying the vendors and products/services in that market which you should consider for product decisions. It should be noted that it is inadequate to pick vendors based only on the information provided within this report. </p> <p>Customers must always define their specific requirements and analyze in greater detail what they need. This report doesn’t provide any recommendations for picking a vendor for a specific customer scenario. This can be done only based on a more thorough and comprehensive analysis of customer requirements and a more detailed mapping of these requirements to product features, i.e. a complete assessment. </p> <h2 id="heading8.2">8.2 Types of Leadership</h2> <p>We look at four types of leaders: </p> <ul> <li><strong>Product Leaders:</strong> Product Leaders identify the leading-edge products in the particular market. These products deliver most of the capabilities we expect from products in that market segment. They are mature. </li> <li><strong>Market Leaders:</strong> Market Leaders are vendors which have a large, global customer base and a strong partner network to support their customers. A lack in global presence or breadth of partners can prevent a vendor from becoming a Market Leader. </li> <li><strong>Innovation Leaders:</strong> Innovation Leaders are those vendors which are driving innovation in the market segment. They provide several of the most innovative and upcoming features we hope to see in the market segment. </li> <li><strong>Overall Leaders:</strong> Overall Leaders are identified based on a combined rating, looking at the strength of products, the market presence, and the innovation of vendors. Overall Leaders might have slight weaknesses in some areas, but they become Overall Leaders by being above average in all areas. </li> </ul> <p>For every area, we distinguish between three levels of products: </p> <ul> <li><strong>Leaders:</strong> This identifies the Leaders as defined above. Leaders are products which are exceptionally strong in certain areas. </li> <li><strong>Challengers:</strong> This level identifies products which are not yet Leaders but have specific strengths which might make them Leaders. Typically, these products are also mature and might be leading-edge when looking at specific use cases and customer requirements. </li> <li><strong>Followers:</strong> This group contains vendors whose products lag in some areas, such as having a limited feature set or only a regional presence. The best of these products might have specific strengths, making them a good or even best choice for specific use cases and customer requirements but are of limited value in other situations. </li> </ul> <p>Our rating is based on a broad range of input and long experience in that market segment. Input consists of experience from KuppingerCole advisory projects, feedback from customers using the products, product documentation, and a questionnaire sent out before creating the KuppingerCole Leadership Compass, and other sources. </p> <h2 id="heading8.3">8.3 Product Rating</h2> <p>KuppingerCole Analysts AG as an analyst company regularly evaluates products/services and vendors. The results are, among other types of publications and services, published in the KuppingerCole Leadership Compass Reports, KuppingerCole Executive Views, KuppingerCole Product Reports, and KuppingerCole Vendor Reports. KuppingerCole uses a standardized rating to provide a quick overview on our perception of the products or vendors. Providing a quick overview of the KuppingerCole rating of products requires an approach combining clarity, accuracy, and completeness of information at a glance. </p> <p>KuppingerCole uses the following categories to rate products:</p> <ul> <li><strong>Security</strong></li> <li><strong>Functionality</strong></li> <li><strong>Deployment</strong></li> <li><strong>Interoperability</strong></li> <li><strong>Usability</strong></li> </ul> <p><strong>Security</strong> is primarily a measure of the degree of security within the product/service. This is a key requirement. We look for evidence of a well-defined approach to internal security as well as capabilities to enable its secure use by the customer, including authentication measures, access controls, and use of encryption. The rating includes our assessment of security vulnerabilities, the way the vendor deals with them, and some selected security features of the product/service.</p> <p><strong>Functionality</strong> is a measure of three factors: what the vendor promises to deliver, the state of the art and what KuppingerCole expects vendors to deliver to meet customer requirements. To score well there must be evidence that the product / service delivers on all of these.</p> <p><strong>Deployment</strong> is measured by how easy or difficult it is to deploy and operate the product or service. This considers the degree in which the vendor has integrated the relevant individual technologies or products. It also looks at what is needed to deploy, operate, manage, and discontinue the product / service. </p> <p><strong>Interoperability</strong> refers to the ability of the product / service to work with other vendors’ products, standards, or technologies. It considers the extent to which the product / service supports industry standards as well as widely deployed technologies. We also expect the product to support programmatic access through a well-documented and secure set of APIs. </p> <p><strong>Usability</strong> is a measure of how easy the product / service is to use and to administer. We look for user interfaces that are logically and intuitive as well as a high degree of consistency across user interfaces across the different products / services from the vendor.</p> <p>We focus on security, functionality, ease of delivery, interoperability, and usability for the following key reasons: </p> <ul> <li>Increased People Participation: Human participation in systems at any level is the highest area of cost and the highest potential for failure of IT projects. </li> <li>Lack of excellence in Security, Functionality, Ease of Delivery, Interoperability, and Usability results in the need for increased human participation in the deployment and maintenance of IT services. </li> <li>Increased need for manual intervention and lack of Security, Functionality, Ease of Delivery, Interoperability, and Usability not only significantly increase costs, but inevitably lead to mistakes that can create opportunities for attack to succeed and services to fail. </li> </ul> <p>KuppingerCole’s evaluation of products / services from a given vendor considers the degree of product Security, Functionality, Ease of Delivery, Interoperability, and Usability which to be of the highest importance. This is because lack of excellence in any of these areas can result in weak, costly and ineffective IT infrastructure.</p> <h2 id="heading8.4">8.4 Vendor Rating</h2> <p>We also rate vendors on the following characteristics</p> <ul> <li><strong>Innovativeness</strong></li> <li><strong>Market position</strong></li> <li><strong>Financial strength</strong></li> <li><strong>Ecosystem</strong></li> </ul> <p><strong>Innovativeness</strong> is measured as the capability to add technical capabilities in a direction which aligns with the KuppingerCole understanding of the market segment(s). Innovation has no value by itself but needs to provide clear benefits to the customer. However, being innovative is an important factor for trust in vendors, because innovative vendors are more likely to remain leading-edge. Vendors must support technical standardization initiatives. Driving innovation without standardization frequently leads to lock-in scenarios. Thus, active participation in standardization initiatives adds to the positive rating of innovativeness.</p> <p><strong>Market position</strong> measures the position the vendor has in the market or the relevant market segments. This is an average rating over all markets in which a vendor is active. Therefore, being weak in one segment doesn’t lead to a very low overall rating. This factor considers the vendor’s presence in major markets.</p> <p><strong>Financial strength</strong> even while KuppingerCole doesn’t consider size to be a value by itself, financial strength is an important factor for customers when making decisions. In general, publicly available financial information is an important factor therein. Companies which are venture-financed are in general more likely to either fold or become an acquisition target, which present risks to customers considering implementing their products.</p> <p><strong>Ecosystem</strong> is a measure of the support network vendors have in terms of resellers, system integrators, and knowledgeable consultants. It focuses mainly on the partner base of a vendor and the approach the vendor takes to act as a “good citizen” in heterogeneous IT environments.</p> <p>Again, please note that in KuppingerCole Leadership Compass documents, most of these ratings apply to the specific product and market segment covered in the analysis, not to the overall rating of the vendor.</p> <h2 id="heading8.5">8.5 Rating Scale for Products and Vendors</h2> <p>For vendors and product feature areas, we use a separate rating with five different levels, beyond the Leadership rating in the various categories. These levels are</p> <ul> <li><strong>Strong positive</strong>: Outstanding support for the subject area, e.g. product functionality, or outstanding position of the company for financial stability.</li> <li><strong>Positive</strong>: Strong support for a feature area or strong position of the company, but with some minor gaps or shortcomings. Using Security as an example, this can indicate some gaps in fine-grained access controls of administrative entitlements. For market reach, it can indicate the global reach of a partner network, but a rather small number of partners.</li> <li><strong>Neutral</strong>: Acceptable support for feature areas or acceptable position of the company, but with several requirements we set for these areas not being met. Using functionality as an example, this can indicate that some of the major feature areas we are looking for aren’t met, while others are well served. For Market Position, it could indicate a regional-only presence.</li> <li><strong>Weak</strong>: Below-average capabilities in the product ratings or significant challenges in the company ratings, such as very small partner ecosystem.</li> <li><strong>Critical</strong>: Major weaknesses in various areas. This rating most commonly applies to company ratings for market position or financial strength, indicating that vendors are very small and have a very low number of customers.</li> </ul> <h2 id="heading8.6">8.6 Inclusion and Exclusion of Vendors</h2> <p>KuppingerCole tries to include all vendors within a specific market segment in their Leadership Compass documents. The scope of the document is global coverage, including vendors which are only active in regional markets such as Germany, Russia, or the US.</p> <p>However, there might be vendors which don’t appear in a Leadership Compass document due to various reasons:</p> <ul> <li><strong>Limited market visibility:</strong> There might be vendors and products which are not on our radar yet, despite our continuous market research and work with advisory customers. This usually is a clear indicator of a lack in Market Leadership.</li> <li><strong>Declined to participate:</strong> Vendors might decide to not participate in our evaluation and refuse to become part of the Leadership Compass document. KuppingerCole tends to include their products anyway if sufficient information for evaluation is available, thus providing a comprehensive overview of leaders in the market segment.</li> <li><strong>Lack of information supply:</strong> Products of vendors which don’t provide the information we have requested for the Leadership Compass document will not appear in the document unless we have access to sufficient information from other sources.</li> <li><strong>Borderline classification:</strong> Some products might have only small overlap with the market segment we are analyzing. In these cases, we might decide not to include the product in that KuppingerCole Leadership Compass.</li> </ul> <p>The target is providing a comprehensive view of the products in a market segment. KuppingerCole will provide regular updates on their Leadership Compass documents.</p> <p>We provide a quick overview about vendors not covered and their offerings in chapter Vendors and Market Segments to watch. In that chapter, we also look at some other interesting offerings around the market and in related market segments.</p> <h1 id="heading9">9 Copyright</h1> <p>© 2025 KuppingerCole Analysts AG. All rights reserved. Reproducing or distributing this publication in any form is prohibited without prior written permission. The conclusions, recommendations, and predictions in this document reflect KuppingerCole's initial views. As we gather more information and conduct deeper analysis, the positions presented here may undergo refinements or significant changes. KuppingerCole disclaims all warranties regarding the completeness, accuracy, and adequacy of this information. Although KuppingerCole research documents may discuss legal issues related to information security and technology, we do not provide legal services or advice, and our publications should not be used as such. KuppingerCole assumes no liability for errors or inadequacies in the information contained in this document. Any expressed opinion may change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Their use does not imply any affiliation with or endorsement by them. </p> <p>KuppingerCole Analysts supports IT professionals with exceptional expertise to define IT strategies and make relevant decisions. As a leading analyst firm, KuppingerCole offers firsthand, vendor-neutral information. Our services enable you to make decisions crucial to your business with confidence and security. </p> <p>Founded in 2004, KuppingerCole is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity &amp; IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as technologies enabling Digital Transformation. We assist companies, corporate users, integrators, and software manufacturers to address both tactical and strategic challenges by making better decisions for their business success. Balancing immediate implementation with long-term viability is central to our philosophy.</p> <p>For further information, please contact <strong><a href="mailto:clients@kuppingercole.com" target="_blank">clients@kuppingercole.com</a></strong>.</p> </div> </article> </div> <div class="flex flex-col min-w-[400px] max-w-[400px] md:min-w-full"> <div class="grid min-w-[400px] lg:min-w-full h-max bg-white-100 dark:bg-black-20 p-5 md:p-0 lg:mt-10 mb-10 lg:self-end"> <div class="text-black-100 dark:text-white-100 text-title p-5 lg:mt-10 lg:pt-0">Top related content</div> <div class="flex flex-col lg:grid lg:grid-cols-2 md:flex md:flex-col"> <a href="/blog/ashford/navigator-security-automation" class="flex flex-row lg:flex-col items-center lg:items-start gap-4 hover:bg-grey-5 p-5" title="Blog: Security Automation"> <div style="width: 160px;" class="w-[160px] flex flex-col items-start justify-end "> <img style="width: 160px; max-width:fit-content;" class="" src="/pictures/400/2021_dashboard_navigator_1000x563.jpg"> <div class="bg-white-100 text-grey-100 text-paragraph-small rounded-full grey-border absolute py-[2px] px-3 shadow" style="margin: 8px;"> Blog </div> </div> <div class="h-full flex flex-col items-start justify-start gap-y-1"> <div class="w-full text-color-default text-paragraph-small lg:text-paragraph-regular col-span-3 multiline-ellipsis-3">Security Automation</div> <div class="text-paragraph-small text-grey-80 dark:text-white-60">Warwick Ashford</div> </div> </a> <a href="/watch/power-of-soar" class="flex flex-row lg:flex-col items-center lg:items-start gap-4 hover:bg-grey-5 p-5" title="Webinar Recording: Transforming SOCs: The Power of SOAR Solutions"> <div style="width: 160px;" class="w-[160px] flex flex-col items-start justify-end "> <img style="width: 160px; max-width:fit-content;" class="" src="/pictures/400/2024_webinar_bigpicture_1280x720px_nov20.jpg"> <div class="bg-white-100 text-grey-100 text-paragraph-small rounded-full grey-border absolute py-[2px] px-3 shadow" style="margin: 8px;"> Webinar Recording </div> </div> <div class="h-full flex flex-col items-start justify-start gap-y-1"> <div class="w-full text-color-default text-paragraph-small lg:text-paragraph-regular col-span-3 multiline-ellipsis-3">Transforming SOCs: The Power of SOAR Solutions</div> <div class="text-paragraph-small text-grey-80 dark:text-white-60">Alejandro Leal</div> </div> </a> <a href="/watch/are-you-ready-for-security-automation" class="flex flex-row lg:flex-col items-center lg:items-start gap-4 hover:bg-grey-5 p-5" title="Webinar Recording: Are You Ready for Security Automation?"> <div style="width: 160px;" class="w-[160px] flex flex-col items-start justify-end "> <img style="width: 160px; max-width:fit-content;" class="" src="/pictures/400/2021_webinar_bigpicture_1000x563px_may5.jpg"> <div class="bg-white-100 text-grey-100 text-paragraph-small rounded-full grey-border absolute py-[2px] px-3 shadow" style="margin: 8px;"> Webinar Recording </div> </div> <div class="h-full flex flex-col items-start justify-start gap-y-1"> <div class="w-full text-color-default text-paragraph-small lg:text-paragraph-regular col-span-3 multiline-ellipsis-3">Are You Ready for Security Automation?</div> <div class="text-paragraph-small text-grey-80 dark:text-white-60">John Tolbert</div> </div> </a> <a href="/watch/soar-enhanced-secops-strategy-2021-03-25-tolbert" class="flex flex-row lg:flex-col items-center lg:items-start gap-4 hover:bg-grey-5 p-5" title="Event Recording: John Tolbert: Why Enterprises are Choosing SOAR for SOCs"> <div style="width: 160px;" class="w-[160px] flex flex-col items-start justify-end "> <img style="width: 160px; max-width:fit-content;" class="" src="/pictures/400/2021_kclive_soar_tolbert.jpg"> <div class="bg-white-100 text-grey-100 text-paragraph-small rounded-full grey-border absolute py-[2px] px-3 shadow" style="margin: 8px;"> Event Recording </div> </div> <div class="h-full flex flex-col items-start justify-start gap-y-1"> <div class="w-full text-color-default text-paragraph-small lg:text-paragraph-regular col-span-3 multiline-ellipsis-3">John Tolbert: Why Enterprises are Choosing SOAR for SOCs</div> <div class="text-paragraph-small text-grey-80 dark:text-white-60">John Tolbert</div> </div> </a> <a href="/blog/tolbert/why-enterprises-are-choosing-soar-for-socs" class="flex flex-row lg:flex-col items-center lg:items-start gap-4 hover:bg-grey-5 p-5" title="Blog: Why Enterprises Are Choosing SOAR for SOCs"> <div style="width: 160px;" class="w-[160px] flex flex-col items-start justify-end "> <img style="width: 160px; max-width:fit-content;" class="" src="/pictures/400/kcblog.jpg"> <div class="bg-white-100 text-grey-100 text-paragraph-small rounded-full grey-border absolute py-[2px] px-3 shadow" style="margin: 8px;"> Blog </div> </div> <div class="h-full flex flex-col items-start justify-start gap-y-1"> <div class="w-full text-color-default text-paragraph-small lg:text-paragraph-regular col-span-3 multiline-ellipsis-3">Why Enterprises Are Choosing SOAR for SOCs</div> <div class="text-paragraph-small text-grey-80 dark:text-white-60">John Tolbert</div> </div> </a> </div> </div> <div class="flex lg:hidden flex-col mb-6" id="tableofcontents"> <div class="bg-white-100 dark:bg-black-20-solid shadow p-10 flex flex-col w-full h-full overflow-y-auto"> <div class="text-black-100 dark:text-white-100 text-title pb-6">Table of Contents</div> <div class="h-full flex flex-col text-paragraph-regular text-color-default"> <a class="flex flex-row justify-between py-3 px-2 toc-link" data-reference-id="#heading1" href="#heading1"> <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">1 Introduction / Executive Summary</div> </div> <div onclick="toggleTOCElement(event, this)" data-children-id="collapse_toc-1-children"> <div class="h-6 w-6 open-hidden"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronDown.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronDown.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronDown.svg" /> </div> </div> <div class="h-6 w-6 hidden open-block"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronUp.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronUp.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronUp.svg" /> </div> </div> </div> </a> <div class="hidden flex-col" id="collapse_toc-1-children" data-target-parent="#heading1"> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading1.1" href="#heading1.1" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">1.1 Highlights</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading1.2" href="#heading1.2" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">1.2 Market Segment</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading1.3" href="#heading1.3" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">1.3 Delivery Models</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading1.4" href="#heading1.4" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">1.4 Required Capabilities</div> </div> </a> </div> <a class="flex flex-row justify-between py-3 px-2 toc-link" data-reference-id="#heading2" href="#heading2"> <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">2 Leadership</div> </div> <div onclick="toggleTOCElement(event, this)" data-children-id="collapse_toc-2-children"> <div class="h-6 w-6 open-hidden"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronDown.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronDown.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronDown.svg" /> </div> </div> <div class="h-6 w-6 hidden open-block"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronUp.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronUp.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronUp.svg" /> </div> </div> </div> </a> <div class="hidden flex-col" id="collapse_toc-2-children" data-target-parent="#heading2"> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading2.1" href="#heading2.1" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">2.1 Overall Leadership</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading2.2" href="#heading2.2" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">2.2 Product Leadership</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading2.3" href="#heading2.3" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">2.3 Innovation Leadership</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading2.4" href="#heading2.4" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">2.4 Market Leadership</div> </div> </a> </div> <a class="flex flex-row justify-between py-3 px-2 toc-link" data-reference-id="#heading3" href="#heading3"> <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">3 Correlated View</div> </div> <div onclick="toggleTOCElement(event, this)" data-children-id="collapse_toc-3-children"> <div class="h-6 w-6 open-hidden"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronDown.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronDown.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronDown.svg" /> </div> </div> <div class="h-6 w-6 hidden open-block"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronUp.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronUp.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronUp.svg" /> </div> </div> </div> </a> <div class="hidden flex-col" id="collapse_toc-3-children" data-target-parent="#heading3"> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading3.1" href="#heading3.1" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">3.1 The Market/Product Matrix</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading3.2" href="#heading3.2" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">3.2 The Product/Innovation Matrix</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading3.3" href="#heading3.3" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">3.3 The Innovation/Market Matrix</div> </div> </a> </div> <a class="flex flex-row justify-between py-3 px-2 toc-link" data-reference-id="#heading4" href="#heading4"> <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">4 Products and Vendors at a Glance</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link" data-reference-id="#heading5" href="#heading5"> <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">5 Product/Vendor evaluation</div> </div> <div onclick="toggleTOCElement(event, this)" data-children-id="collapse_toc-5-children"> <div class="h-6 w-6 open-hidden"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronDown.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronDown.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronDown.svg" /> </div> </div> <div class="h-6 w-6 hidden open-block"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronUp.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronUp.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronUp.svg" /> </div> </div> </div> </a> <div class="hidden flex-col" id="collapse_toc-5-children" data-target-parent="#heading5"> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading5.1" href="#heading5.1" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">5.1 D3 Security – NextGen SOAR</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading5.2" href="#heading5.2" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">5.2 Fortinet – FortiSOAR</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading5.3" href="#heading5.3" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">5.3 IBM – QRadar SOAR</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading5.4" href="#heading5.4" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">5.4 Logpoint – Logpoint SOAR</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading5.5" href="#heading5.5" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">5.5 ManageEngine – Log360</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading5.6" href="#heading5.6" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">5.6 Microsoft – Sentinel</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading5.7" href="#heading5.7" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">5.7 Palo Alto Networks – Cortex XSOAR</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading5.8" href="#heading5.8" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">5.8 Rapid7 – InsightConnect</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading5.9" href="#heading5.9" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">5.9 Securaa – Securaa</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading5.10" href="#heading5.10" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">5.10 ServiceNow – Security Incident Response (SIR)</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading5.11" href="#heading5.11" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">5.11 Splunk – Splunk SOAR</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading5.12" href="#heading5.12" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">5.12 Sumo Logic – Sumo Logic Cloud SOAR</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading5.13" href="#heading5.13" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">5.13 Swimlane – Swimlane Turbine</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading5.14" href="#heading5.14" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">5.14 ThreatQuotient – ThreatQ Platform</div> </div> </a> </div> <a class="flex flex-row justify-between py-3 px-2 toc-link" data-reference-id="#heading6" href="#heading6"> <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">6 Vendors to Watch</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link" data-reference-id="#heading7" href="#heading7"> <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">7 Related Research</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link" data-reference-id="#heading8" href="#heading8"> <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">8 Methodology</div> </div> <div onclick="toggleTOCElement(event, this)" data-children-id="collapse_toc-8-children"> <div class="h-6 w-6 open-hidden"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronDown.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronDown.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronDown.svg" /> </div> </div> <div class="h-6 w-6 hidden open-block"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronUp.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronUp.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronUp.svg" /> </div> </div> </div> </a> <div class="hidden flex-col" id="collapse_toc-8-children" data-target-parent="#heading8"> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading8.1" href="#heading8.1" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">8.1 About KuppingerCole's Leadership Compass</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading8.2" href="#heading8.2" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">8.2 Types of Leadership</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading8.3" href="#heading8.3" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">8.3 Product Rating</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading8.4" href="#heading8.4" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">8.4 Vendor Rating</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading8.5" href="#heading8.5" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">8.5 Rating Scale for Products and Vendors</div> </div> </a> <a class="flex flex-row justify-between py-3 px-2 toc-link ml-6 mt-4" data-reference-id="#heading8.6" href="#heading8.6" > <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">8.6 Inclusion and Exclusion of Vendors</div> </div> </a> </div> <a class="flex flex-row justify-between py-3 px-2 toc-link" data-reference-id="#heading9" href="#heading9"> <div class="flex flex-row toc-link w-full"> <div class="w-full pl-4">9 Copyright</div> </div> </a> </div> </div> <div data-backtotop class="hidden toc-backtotop flex-row cursor-pointer items-center mt-4 self-end justify-end text-grey-80 dark:text-white-85"> Back to top <div class="h-6 w-6 ml-2 opacity-80"> <img class="hidden dark:block h-full w-full rotate-90" src="/assets/icons/dark/ArrowLeft.svg" alt="" /> <img class="block dark:hidden h-full w-full rotate-90" src="/assets/icons/light/ArrowLeft.svg" alt="" /> </div> </div> </div> <div class="hidden lg:block fixed bottom-0 left-0 w-screen dark:bg-grey-100 cursor-pointer z-20" id="TOCMobileButton"> <div class="p-6 bg-white-100 dark:bg-black-20 flex flex-row justify-between"> <div class="text-color-default text-title">Table of Contents</div> <div class="w-6 h-6"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/TableOfContents.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/TableOfContents.svg" alt="" /> </div> </div> </div> <div class="hidden w-screen h-screen top-0 left-0 fixed bg-white-100 dark:bg-grey-100 px-6 py-5 z-30" id="TOCMobile"> <div class="flex flex-row justify-between"> <div class="text-black-100 dark:text-white-100 text-title">Table of contents</div> <div class="flex flex-row items-center text-color-default text-paragraph-regular cursor-pointer" onclick="document.querySelector('#TOCMobile').classList.toggle('hidden');document.body.classList.toggle('body-no-scroll');"> Close <div class="w-6 h-6 ml-1"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/Close.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/Close.svg" alt="" /> </div> </div> </div> <div class="flex flex-col mt-6 h-[calc(100vh-108px)] overflow-y-auto" id="TOCMobileItems"> <a class="flex flex-row justify-between py-3 pr-2 flex flex-row justify-between py-3 pr-2 toc-link mt-4 toc-link" data-reference-id="mobile_toc-1" href="#heading1"> <div class="flex flex-row toc-link w-full"> <div class="w-full">1 Introduction / Executive Summary</div> </div> <div onclick="toggleTOCElement(event, this)" data-children-id="mobile_toc-1-children"> <div class="h-6 w-6 open-hidden"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronDown.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronDown.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronDown.svg" /> </div> </div> <div class="h-6 w-6 hidden open-block"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronUp.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronUp.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronUp.svg" /> </div> </div> </div> </a> <div class="hidden flex-col" id="mobile_toc-1-children" data-target-parent="mobile_toc-1"> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-11" href="#heading1.1" > <div class="flex flex-row toc-link w-full"> <div class="w-full">1.1 Highlights</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-12" href="#heading1.2" > <div class="flex flex-row toc-link w-full"> <div class="w-full">1.2 Market Segment</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-13" href="#heading1.3" > <div class="flex flex-row toc-link w-full"> <div class="w-full">1.3 Delivery Models</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-14" href="#heading1.4" > <div class="flex flex-row toc-link w-full"> <div class="w-full">1.4 Required Capabilities</div> </div> </a> </div> <a class="flex flex-row justify-between py-3 pr-2 flex flex-row justify-between py-3 pr-2 toc-link mt-4 toc-link" data-reference-id="mobile_toc-2" href="#heading2"> <div class="flex flex-row toc-link w-full"> <div class="w-full">2 Leadership</div> </div> <div onclick="toggleTOCElement(event, this)" data-children-id="mobile_toc-2-children"> <div class="h-6 w-6 open-hidden"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronDown.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronDown.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronDown.svg" /> </div> </div> <div class="h-6 w-6 hidden open-block"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronUp.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronUp.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronUp.svg" /> </div> </div> </div> </a> <div class="hidden flex-col" id="mobile_toc-2-children" data-target-parent="mobile_toc-2"> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-21" href="#heading2.1" > <div class="flex flex-row toc-link w-full"> <div class="w-full">2.1 Overall Leadership</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-22" href="#heading2.2" > <div class="flex flex-row toc-link w-full"> <div class="w-full">2.2 Product Leadership</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-23" href="#heading2.3" > <div class="flex flex-row toc-link w-full"> <div class="w-full">2.3 Innovation Leadership</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-24" href="#heading2.4" > <div class="flex flex-row toc-link w-full"> <div class="w-full">2.4 Market Leadership</div> </div> </a> </div> <a class="flex flex-row justify-between py-3 pr-2 flex flex-row justify-between py-3 pr-2 toc-link mt-4 toc-link" data-reference-id="mobile_toc-3" href="#heading3"> <div class="flex flex-row toc-link w-full"> <div class="w-full">3 Correlated View</div> </div> <div onclick="toggleTOCElement(event, this)" data-children-id="mobile_toc-3-children"> <div class="h-6 w-6 open-hidden"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronDown.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronDown.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronDown.svg" /> </div> </div> <div class="h-6 w-6 hidden open-block"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronUp.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronUp.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronUp.svg" /> </div> </div> </div> </a> <div class="hidden flex-col" id="mobile_toc-3-children" data-target-parent="mobile_toc-3"> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-31" href="#heading3.1" > <div class="flex flex-row toc-link w-full"> <div class="w-full">3.1 The Market/Product Matrix</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-32" href="#heading3.2" > <div class="flex flex-row toc-link w-full"> <div class="w-full">3.2 The Product/Innovation Matrix</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-33" href="#heading3.3" > <div class="flex flex-row toc-link w-full"> <div class="w-full">3.3 The Innovation/Market Matrix</div> </div> </a> </div> <a class="flex flex-row justify-between py-3 pr-2 flex flex-row justify-between py-3 pr-2 toc-link mt-4 toc-link" data-reference-id="mobile_toc-4" href="#heading4"> <div class="flex flex-row toc-link w-full"> <div class="w-full">4 Products and Vendors at a Glance</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 flex flex-row justify-between py-3 pr-2 toc-link mt-4 toc-link" data-reference-id="mobile_toc-5" href="#heading5"> <div class="flex flex-row toc-link w-full"> <div class="w-full">5 Product/Vendor evaluation</div> </div> <div onclick="toggleTOCElement(event, this)" data-children-id="mobile_toc-5-children"> <div class="h-6 w-6 open-hidden"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronDown.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronDown.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronDown.svg" /> </div> </div> <div class="h-6 w-6 hidden open-block"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronUp.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronUp.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronUp.svg" /> </div> </div> </div> </a> <div class="hidden flex-col" id="mobile_toc-5-children" data-target-parent="mobile_toc-5"> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-51" href="#heading5.1" > <div class="flex flex-row toc-link w-full"> <div class="w-full">5.1 D3 Security – NextGen SOAR</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-52" href="#heading5.2" > <div class="flex flex-row toc-link w-full"> <div class="w-full">5.2 Fortinet – FortiSOAR</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-53" href="#heading5.3" > <div class="flex flex-row toc-link w-full"> <div class="w-full">5.3 IBM – QRadar SOAR</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-54" href="#heading5.4" > <div class="flex flex-row toc-link w-full"> <div class="w-full">5.4 Logpoint – Logpoint SOAR</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-55" href="#heading5.5" > <div class="flex flex-row toc-link w-full"> <div class="w-full">5.5 ManageEngine – Log360</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-56" href="#heading5.6" > <div class="flex flex-row toc-link w-full"> <div class="w-full">5.6 Microsoft – Sentinel</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-57" href="#heading5.7" > <div class="flex flex-row toc-link w-full"> <div class="w-full">5.7 Palo Alto Networks – Cortex XSOAR</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-58" href="#heading5.8" > <div class="flex flex-row toc-link w-full"> <div class="w-full">5.8 Rapid7 – InsightConnect</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-59" href="#heading5.9" > <div class="flex flex-row toc-link w-full"> <div class="w-full">5.9 Securaa – Securaa</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-510" href="#heading5.10" > <div class="flex flex-row toc-link w-full"> <div class="w-full">5.10 ServiceNow – Security Incident Response (SIR)</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-511" href="#heading5.11" > <div class="flex flex-row toc-link w-full"> <div class="w-full">5.11 Splunk – Splunk SOAR</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-512" href="#heading5.12" > <div class="flex flex-row toc-link w-full"> <div class="w-full">5.12 Sumo Logic – Sumo Logic Cloud SOAR</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-513" href="#heading5.13" > <div class="flex flex-row toc-link w-full"> <div class="w-full">5.13 Swimlane – Swimlane Turbine</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-514" href="#heading5.14" > <div class="flex flex-row toc-link w-full"> <div class="w-full">5.14 ThreatQuotient – ThreatQ Platform</div> </div> </a> </div> <a class="flex flex-row justify-between py-3 pr-2 flex flex-row justify-between py-3 pr-2 toc-link mt-4 toc-link" data-reference-id="mobile_toc-6" href="#heading6"> <div class="flex flex-row toc-link w-full"> <div class="w-full">6 Vendors to Watch</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 flex flex-row justify-between py-3 pr-2 toc-link mt-4 toc-link" data-reference-id="mobile_toc-7" href="#heading7"> <div class="flex flex-row toc-link w-full"> <div class="w-full">7 Related Research</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 flex flex-row justify-between py-3 pr-2 toc-link mt-4 toc-link" data-reference-id="mobile_toc-8" href="#heading8"> <div class="flex flex-row toc-link w-full"> <div class="w-full">8 Methodology</div> </div> <div onclick="toggleTOCElement(event, this)" data-children-id="mobile_toc-8-children"> <div class="h-6 w-6 open-hidden"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronDown.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronDown.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronDown.svg" /> </div> </div> <div class="h-6 w-6 hidden open-block"> <div class="toc-open-hidden"> <img class="hidden dark:block h-full w-full undefined" src="/assets/icons/dark/ChevronUp.svg" alt="" /> <img class="block dark:hidden h-full w-full undefined" src="/assets/icons/light/ChevronUp.svg" alt="" /> </div> <div class="hidden toc-open-block"> <img src="/assets/icons/dark/ChevronUp.svg" /> </div> </div> </div> </a> <div class="hidden flex-col" id="mobile_toc-8-children" data-target-parent="mobile_toc-8"> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-81" href="#heading8.1" > <div class="flex flex-row toc-link w-full"> <div class="w-full">8.1 About KuppingerCole's Leadership Compass</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-82" href="#heading8.2" > <div class="flex flex-row toc-link w-full"> <div class="w-full">8.2 Types of Leadership</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-83" href="#heading8.3" > <div class="flex flex-row toc-link w-full"> <div class="w-full">8.3 Product Rating</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-84" href="#heading8.4" > <div class="flex flex-row toc-link w-full"> <div class="w-full">8.4 Vendor Rating</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-85" href="#heading8.5" > <div class="flex flex-row toc-link w-full"> <div class="w-full">8.5 Rating Scale for Products and Vendors</div> </div> </a> <a class="flex flex-row justify-between py-3 pr-2 toc-link ml-6 mt-4" data-reference-id="mobile_toc-86" href="#heading8.6" > <div class="flex flex-row toc-link w-full"> <div class="w-full">8.6 Inclusion and Exclusion of Vendors</div> </div> </a> </div> <a class="flex flex-row justify-between py-3 pr-2 flex flex-row justify-between py-3 pr-2 toc-link mt-4 toc-link" data-reference-id="mobile_toc-9" href="#heading9"> <div class="flex flex-row toc-link w-full"> <div class="w-full">9 Copyright</div> </div> </a> </div> </div> </div> </div> </div> <footer class="mh-w-full mh-h-max mh-flex mh-flex-col mh-px-10 header-footer-md:mh-px-6 mh-pt-10 text-grey-100 dark:text-white-85"> <div class="mh-flex mh-flex-row header-footer-md:mh-flex-col header-footer-md:mh-justify-start header-footer-md:mh-items-start mh-justify-between mh-h-10 header-footer-md:mh-h-max mh-items-center"> <div class="mh-flex mh-flex-row mh-items-center header-footer-md:mh-mt-10"> <div class="mh-mr-2"> <a href="#top" onclick="window.scrollTo(0,0); return false;"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/Up.svg" title="Back to the top" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/Up.svg" title="Back to the top" /> </a> </div> <div> <a href="#top" onclick="window.scrollTo(0,0); return false;">Back to top</a> </div> </div> <div class="mh-flex mh-flex-row mh-items-center header-footer-md:mh-mt-10"> <div class="mh-mr-10"> <a href="https://www.linkedin.com/company/kuppingercole" target="_blank"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/Linkedin.svg" alt="Linkedin" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/Linkedin.svg" alt="Linkedin" /> </a> </div> <div class="mh-mr-10"> <a href="https://x.com/kuppingercole" target="_blank"> <img class="mh-hidden dark:block h-5 w-5" src="/assets/icons/dark/X.svg" alt="Twitter" /> <img class="mh-block dark:hidden h-5 w-5" src="/assets/icons/light/X.svg" alt="Twitter" /> </a> </div> <div class="mh-mr-10"> <a href="https://www.facebook.com/kuppingercole" target="_blank"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/Facebook.svg" alt="Facebook" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/Facebook.svg" alt="Facebook" /> </a> </div> <div class="mh-mr-10"> <a href="https://youtube.com/user/kuppingercole" target="_blank"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/YouTube.svg" alt="YouTube" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/YouTube.svg" alt="YouTube" /> </a> </div> <div class="mh-mr-10"> <a href="https://www.instagram.com/kuppingercole/" target="_blank"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/dark/Instagram.svg" alt="Instagram" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/light/Instagram.svg" alt="Instagram" /> </a> </div> </div> </div> <div class="mh-my-10 mh-py-10 mh-flex mh-flex-row mh-justify-between mh-items-center bg-grey-100 dark:bg-white-100 mh-w-screen mh-md:mh--ml-6 stretch mh-px-20 mh-py-10 md:mh-p-6 footer-banner" style="width: 101vw !important;"> <a class="mh-md:mh-hidden" href="https://enx.com/tisax" class="cursor-pointer" target="_blank"> <img class="mh-hidden dark:block mh-w-full" style="height: 100px; width: auto;" src="/assets/logos/TISAX_white.svg" title="TISAX result available" /> <img class="mh-block dark:hidden mh-w-full" style="height: 100px; width: auto;" src="/assets/logos/TISAX_grey.svg" title="TISAX result available" /> </a> <a class="mh-md:mh-hidden" href="https://www.dnv.com/" class="cursor-pointer" target="_blank"> <img class="mh-hidden dark:block mh-w-full" style="height: 100px; width: auto;" src="/assets/logos/dnv-d.png" title="ISO/IEC 27001 certified" /> <img class="mh-block dark:hidden mh-w-full" style="height: 100px; width: auto;" src="/assets/logos/dnv-l.png" title="ISO/IEC 27001 certified" /> </a> <a class="text-paragraph-regular mh-no-underline cursor-pointer mh-flex mh-flex-row mh-items-center mh-justify-center dark:text-black-100" onclick="toggleTheme()"> <div class="mh-leading-4 text-white-100 dark:hidden">Switch to dark theme</div> <div class="mh-leading-4 text-grey-100 mh-hidden dark:block">Switch to light theme</div> <div class="mh-ml-2"> <img class="mh-hidden dark:block mh-h-full mh-w-full" src="/assets/icons/light/Theme.svg" title="Switch to light theme" /> <img class="mh-block dark:hidden mh-h-full mh-w-full" src="/assets/icons/dark/Theme.svg" title="Switch to dark theme" /> </div> </a> </div> <div class="mh-w-full mh-flex mh-flex-row header-footer-md:mh-flex-col mh-justify-between mh-h48 header-footer-md:mh-h-max"> <div class="mh-flex mh-flex-row header-footer-md:mh-justify-between header-footer-md:mh-items-center header-footer-md:mh-mt-6"> <a class="mh-no-underline mh-mr-10 header-footer-md:mh-mr-5 text-paragraph-regular" href="/imprint">Imprint</a> <a class="mh-no-underline mh-mr-10 header-footer-md:mh-mr-5 text-paragraph-regular" href="/terms-of-use">Terms of Use</a> <a class="mh-no-underline mh-mr-10 header-footer-md:mh-mr-0 text-paragraph-regular" href="/privacy">Privacy Policy</a> <a class="mh-no-underline mh-mr-10 header-footer-md:mh-mr-0 text-paragraph-regular" href="https://kpgr.co/dsr">Privacy Request</a> <span class="text-paragraph-small text-grey-60 dark:text-white-60 header-footer-md:mh-hidden"> © Copyright KuppingerCole Analysts AG </span> </div> <span class="text-paragraph-small text-grey-60 dark:text-white-60 mh-hidden header-footer-md:mh-block mh-mt-6 mh-text-center"> © Copyright KuppingerCole Analysts AG </span> </div> </footer> </div> <script src="/assets/scripts/darkmode.js?v=13"></script> <script> initializeTheme(); </script> <script src="/assets/scripts/form-control.js"></script> <script src="/assets/scripts/filters.js?v=2"></script> <script src="/assets/scripts/filter-list.js?v=2"></script> <script src="/assets/scripts/article.js?v=13.1"></script> <script src="/assets/scripts/accordion.js"></script> <script src="/assets/scripts/utils.js?v=3"></script> <script src="/assets/scripts/tab-list.js?v=1"></script> <script src="/assets/scripts/swiper.js?v=2"></script> <script src="/assets/scripts/bookmark.js?v=2"></script> <script src="/assets/scripts/share.js"></script> <script src="/assets/scripts/tooltips.js"></script> <script src="/assets/scripts/toastify.js"></script> <script src="/assets/scripts/member-area-tooltip.js?v=1"></script> <script src="/assets/scripts/new-like-dislike.js?v=10.2"></script> <script src="/assets/scripts/header.js?v=20.2"></script> <script> (function(ss,ex){ window.ldfdr=window.ldfdr||function(){ (ldfdr._q=ldfdr._q||[]).push([].slice.call(arguments));}; (function(d,s){ fs=d.getElementsByTagName(s)[0]; function ce(src){ var cs=d.createElement(s); cs.src=src; cs.async=1; fs.parentNode.insertBefore(cs,fs); }; ce('https://sc.lfeeder.com/lftracker_v1_'+ss+(ex?'_'+ex:'')+'.js'); })(document,'script'); })('kn9Eq4RlqYz8RlvP'); </script> <script> var _paq = window._paq = window._paq || []; _paq.push(["setDoNotTrack", true]); _paq.push(['disableCookies']); _paq.push(['trackPageView']); _paq.push(['enableLinkTracking']); (function() { var u="https://stat.kuppingercole.com/"; _paq.push(['setTrackerUrl', u+'matomo.php']); _paq.push(['setSiteId', '1']); var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0]; g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s); })(); </script> <noscript><p><img src="https://stat.kuppingercole.com/matomo.php?idsite=1&amp;rec=1" style="border:0;" alt="" /></p></noscript> </body> </html>