SOAR

SOARing beyond Security: GigaOm report challenges old ideas about Security Orchestration, Automation, and Response

In a cybersecurity landscape increasingly defined by complexity and burnout, the latest GigaOm Radar Report for Security Orchestration, Automation, and Response (SOAR) delivers a timely reassessment of automation’s role. Rather than confining SOAR to its traditional niche in incident response, the report reframes it as an adaptable, enterprise-wide capability—especially when implemented through vendor-agnostic platforms.

Among 16 evaluated vendors, Tines stood out as a leader and outperformer in the space, earning exceptional or superior marks across all categories. But what’s more notable is the report’s broader message: SOAR, as a category, may have hit Gartner’s so-called “trough of disillusionment,” but the practice of orchestration and automation is evolving beyond that label.

GigaOm analyst Andrew Green argues that flexible SOAR platforms still offer “immense value,” especially when decoupled from rigid security-only use cases. In his view, platforms like Tines are increasingly positioned as all-purpose automation engines—tools capable of empowering not just cybersecurity teams, but DevOps, HR, IT, and beyond.

The report specifically highlights several emerging areas where modern SOAR platforms shine:

  • Collaborative Case Management: Modern enterprise security requires coordination across silos. Tines’ approach centralizes case workflows across departments, enabling faster and more coordinated responses.
  • Platform Manageability: Ease of use and low-friction integrations are critical. Tines’ intuitive design lowers operational overhead while increasing cross-team adoption.
  • Long-Term Recordkeeping: GigaOm points to Tines’ recordkeeping capabilities as a differentiator, enabling long-term storage of threat intelligence and workflow data that can inform future decisions.
  • Enrichment Everywhere: Tines doesn’t restrict data enrichment to security events. Its enrichment engine applies contextual value to any dataset—regardless of department or use case—enhancing the overall quality of automation.

    • This expanded lens for SOAR couldn’t come at a more critical time. With growing attention on operational resilience and workforce fatigue, organizations are rethinking how they scale cybersecurity without overwhelming human teams. Automation, used thoughtfully, is central to this effort. And GigaOm’s report signals that the best SOAR tools are now those that integrate seamlessly with diverse systems, adapt to new challenges, and help organizations orchestrate smarter—not just faster—responses.

    Tines’ recognition in the report underscores its role in this evolution, but it also spotlights a broader market shift: from security-only automation to enterprise-wide orchestration. In doing so, the GigaOm Radar Report gives SOAR a new runway—one that repositions it not as a fading trend, but as a maturing, mission-critical strategy.

    For organizations reconsidering their automation stack, this report offers both a wake-up call and a roadmap. The future of SOAR isn’t about the acronym—it’s about adaptability, flexibility, and human-centric efficiency.

    Read the full blog and report here: Tines GigaOm Blog

    Bill Brenner

    InfoSec content strategist, researcher, director, tech writer, blogger and community builder. Senior Vice President of Audience Content Strategy at CyberRisk Alliance.

    Related

    Get daily email updates

    SC Media's daily must-read of the most current and pressing daily news

    By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

    Related Terms

    Blue TeamCold Warm Hot Disaster Recovery SiteCountermeasureCronDaemonDisaster Recovery Plan (DRP)

    You can skip this ad in 5 seconds