What is SOAPA?
SOAPA (Security Operations and Analytics Platform Architecture) combines the core features of a SIEM with newer technology such as machine learning and detection across the full attack life-cycle, rather than against isolated events.
How Does SOAPA Work Compared to Traditional SIEMs?
Traditional SIEMs use a Collection > Detection > Response model.
Step 1. Collection: Traditional SIEMs encourage you to collect as much data as possible, yet in practice they ingest only a subset of the "potential" data sources, so they do not offer visibility across the entire enterprise.
Step 2. Detection: Traditional SIEMs rely on static correlation rules, which offer little chance of success against complex, multi-stage threat scenarios. The same rules generate a high volume of false positives, resulting in "alert fatigue."
Step 3. Response: Automation typically does not exist. Investigation and remediation become manual efforts that can be very time-consuming for your SecOps team.
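To make the Step 2 point concrete, the following added example (written for this page, not code from any SOAPA or SIEM vendor) runs two detections over a handful of constructed authentication log lines: a classic static correlation rule ("N failed logins per host and user inside a window") and an attack-lifecycle rule that only alerts when the same host and user then progress through later stages (successful login, privilege escalation, outbound connection). The log format, field names, stage names, thresholds and windows are all assumptions chosen for the illustration. The static rule fires on both hosts, including the user who simply mistyped a password five times; the lifecycle rule fires only on the host that shows the full chain.

```python
"""Static threshold correlation vs. attack-lifecycle correlation.

Added example for illustration only; the log lines below are constructed,
and the stage names, thresholds and windows are assumptions, not any
product's defaults.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: "<timestamp> <host> <user> <event>". Not real data.
# host-a: a user fat-fingers a password five times, then logs in (benign).
# host-b: brute force, success, privilege escalation, outbound connection (attack chain).
RAW_LOGS = """\
2024-03-01T09:00:01 host-a alice login_failed
2024-03-01T09:00:05 host-a alice login_failed
2024-03-01T09:00:09 host-a alice login_failed
2024-03-01T09:00:12 host-a alice login_failed
2024-03-01T09:00:20 host-a alice login_failed
2024-03-01T09:00:40 host-a alice login_success
2024-03-01T09:05:00 host-b svc login_failed
2024-03-01T09:05:02 host-b svc login_failed
2024-03-01T09:05:04 host-b svc login_failed
2024-03-01T09:05:06 host-b svc login_failed
2024-03-01T09:05:08 host-b svc login_failed
2024-03-01T09:05:10 host-b svc login_success
2024-03-01T09:06:00 host-b svc privilege_escalation
2024-03-01T09:07:30 host-b svc outbound_connection
"""

# Assumed ordering of attack stages; "brute_force" is derived, the rest are raw events.
STAGES = ["brute_force", "login_success", "privilege_escalation", "outbound_connection"]


def parse(raw):
    """Turn the constructed log text into (timestamp, host, user, event) tuples."""
    events = []
    for line in raw.strip().splitlines():
        ts, host, user, event = line.split()
        events.append((datetime.fromisoformat(ts), host, user, event))
    return events


def static_rule(events, threshold=5, window=timedelta(seconds=60)):
    """Classic SIEM correlation: >= threshold failed logins per (host, user) in a sliding window.

    Returns {(host, user): timestamp of the first threshold crossing}.
    """
    recent = defaultdict(list)
    alerts = {}
    for ts, host, user, event in events:
        if event != "login_failed":
            continue
        key = (host, user)
        # keep only failures still inside the window, then add this one
        recent[key] = [t for t in recent[key] if ts - t <= window] + [ts]
        if len(recent[key]) >= threshold:
            alerts.setdefault(key, ts)
    return alerts


def lifecycle_rule(events, window=timedelta(minutes=30), min_stages=3):
    """Attack-lifecycle correlation: alert only when a (host, user) that was brute forced
    goes on to reach later stages, in order, within `window` of the brute force.

    Returns {(host, user): [stages reached]} for keys with at least `min_stages` stages.
    """
    chains = {key: [("brute_force", ts)] for key, ts in static_rule(events).items()}
    for ts, host, user, event in events:
        chain = chains.get((host, user))
        if chain is None or event not in STAGES:
            continue
        last_stage, _ = chain[-1]
        start = chain[0][1]
        # advance only to a later stage, after the brute force and inside the window
        if STAGES.index(event) > STAGES.index(last_stage) and start <= ts <= start + window:
            chain.append((event, ts))
    return {key: [stage for stage, _ in chain]
            for key, chain in chains.items() if len(chain) >= min_stages}


if __name__ == "__main__":
    evts = parse(RAW_LOGS)
    print("static rule alerts:   ", sorted(static_rule(evts)))
    print("lifecycle rule alerts:", lifecycle_rule(evts))
```

The static rule is the one most SIEM content packs ship; by itself it cannot tell the benign host-a burst from the host-b intrusion, which is exactly where the false-positive volume comes from. Requiring progression through stages is a simple stand-in for the life-cycle detection the page attributes to SOAPA; a real implementation would also age out stale chains and handle stages arriving slightly out of order.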
SOAPA, by contrast, uses a Response > Detection > Collection model.