The blog created by Rapid7 concerns security orchestration and automation tools. The blog gives a definition of what these tools do. A SOAR implementation would begin with defining and understanding the security issues the organization faces and thinking about what actions would solve them. Out-of-the-box solutions should be considered. There is a misconception that SOAR tools only benefit large, mature organizations. The blog explains that if the tool integrates with an organization's existing tools and the user interface allows solutions to be defined without programming, many smaller organizations then become candidates.
The blog then goes on to give a step-by-step example of how a SOAR solution would be of value in identifying and combating a phishing attack. The ability to automate responses to attacks allows the organization to recover valuable resource time. As the volume of data increases, the ability of human resources to properly analyze and interpret the data decreases. Security orchestration and automation response solutions address the resource issue head-on. Automation allows companies' security resources to spend their time on incident investigation and response rather than collecting and summarizing huge amounts of data.
The blog may be viewed here: blog.rapid7.com