Energy Soar
Blog
  • All
  • Best practice
  • SOAR
  • Use case

NIS2 compliant automatic reports

Custom report workflow

Energy SOAR querying SIEM for additional information

Can Energy SOAR query SIEM for additional information? Sure! We can do it automatically using workflows. SIEM alert enrichment SIEM…

How to handle new local admin account alerts?

It’s important to track suspicious administration activities such as newly created accounts that have been elevated to local administrators. Many…

How to detect and handle technical account misuse incidents?

Technical accounts are quite often used for API access. You can create a correlation rule in your SIEM to detect…

Integrating Request Tracker (RT) with Energy SOAR

Request Tracker is enterprise grade ticketing system. Many organisations use Request Tracker for Incident Response (RTIR) to track, respond to…

How to calculate ROI and time saved metrics?

How to calculate ROI and time saved metrics? Cost of security operations is increasing. Management needs to validate the investment…

Integrating Splunk with Energy SOAR

Splunk App allows to take many different actions: You can retrieve information from Energy SOAR about alerts and cases that…

Integrating Graylog with Energy SOAR

Energy SOAR has a dedicated integration with Graylog – long living log management solution, which became one of best software for log management area.

Integrating IBM QRadar with Energy SOAR

IBM QRadar is advanced SIEM software that is used across the world. By integrating SOAR with QRadar we provide crucial information to help automate and handle incidents in best way.

What is SOAR orchestration?

SIEM correlations produce alerts that you have to respond to. Over time you start seeing trends of the things that happen most frequently. Those become then the opportunities for orchestration.

How to analyze observables automatically

Another day in the SOC office. IT Security that was supposed to be challenging and interesting become repetitive and … boring. Same Alerts every day to analyse. Analyze the attachement, check IP reputation, check file hash, has anyone seen it? You know what I mean? Hope NO, because if YES, than we have little time before complete frustration.