This thesis explores the implementation of Security Orchestration Automation and Response (SOAR) in a Security Operations Center (SOC) to address the challenges of cybersecurity faced by organizations. Despite the benefits of SOAR, many organizations struggle with its implementation. The thesis outlines the advantages of SOAR and identifies the criteria that a SOC should meet before implementing it. It also examines the reasons why organizations and service owners fail in implementing SOAR. A working SOAR implementation methodology is developed and tested in a real Managed Service Security Provider’s (MSSP) SOC. The thesis aims to provide valuable insights to help organizations make better decisions when implementing SOAR to enhance the effectiveness and efficiency of their SOC. This thesis is written in English and is 52 pages long, including 4 chapters and 2 figures.
Views: 1
