Security Orchestration and Automation Response (SOAR)

Abstract

Digitization and technology have become a familiar thing in our daily lives and an inevitable thing to keep pace with this accelerating world, and it has become necessary for competing companies in this fertile market to devise new technology such as 5G networks and the Internet of Things (IOT) to outperform their peers. This huge divide in the information technology world (IT) has led to an increase in the flow of data and the difficulty of securing it in this competitive Cyberwarfare because "Who owns the information, he owns the world". This great conflict in the field of information security has led to the development, diversity and complexity of attacks,Today’s attackers are more powerful and intelligent than they have ever been. In their attempts to steal information, conduct fraud, misuse resources, and disrupt systems, attackers are inventive and merciless. They’re also patient and have a lot of statistics on their side. Attackers trade information and make research and development investments. They are powerful and organized crime groups. It is impossible to protect against all cyber intrusions. While a strong defensein- depth approach is essential, we must not depend on it entirely to protect our assets. As a result, companies’ priorities are shifting to integrate quick detection and response, since the manual response is no longer enough to achieve minimum security. In this project we propose to develop a platform for Network Security Orchestration, Automation and Response (NSOAR) in order to automate the Network incident response against some vicious attacks that can be very harmful for operating systems, network devices and the sustainability of the company’s infrastructure..