Infigo SOAR, a fully integrated solution for Infigo SIEM

Infigo SOAR, or Security Orchestration, Automation, and Response, is a SOAR solution that is directly integrated into Infigo SIEM (Security Information and Event Management). Often, SOAR is a separate solution that acts as an add-on for your SIEM, but we have gone the other route.
That is why we call our SOAR – PAC, or Post Alert Creation. As Shakespeare wrote, "What's in a name? That which we call a rose, By any other name would smell as sweet", an Infigo goes "a SOAR by any other name would work the same". Shakespeare did say that a little bit better, we have to give him that.

Of course, there are pros and cons for both approaches, but we find that integrated SOAR has more pros:
  • it is free – since we've integrated it into SIEM, if you're using Infigo SIEM, SOAR is just another feature you get by using it
  • it is flexible – we're doing SOAR functions through advanced searches; since Infigo SIEM is based on Splunk, SPL takes care of the heavy lifting
  • it is fast – we're not just developing Infigo SIEM, we also have an integration department that is full of Splunk experts; we know how software can be taxing on hardware, so we take special care to optimize every SIEM component

And what about cons, you rightly ask? There is one; standalone commercial SOAR solutions come with more connectors. Connectors that mainly go unused! But what if you really need a connector that doesn't come with Infigo SIEM? You can develop it by yourself, or you can get Infigo to develop it for you. In the end, you'll have a purpose-built system, optimized just for you, and it will still be cheaper than an SIEM+SOAR solution.

You can watch a short(ish) explainer on how it all works, or you can just get a demo or trial license and try for yourself.
< Back to insights