Introducing ArcSight SOAR

This release includes the following updates for SOAR:

• FIPS 140-2 Compliance
• SOAR Licensing
• Out Of the Box Playbooks
• MISP Threat Sharing Integration Capabilities

For more information on the SOAR release updates, see the ArcSight SOAR 3.1 Release Notes.

FIPS 140-2 Compliance

ArcSight SOAR is now FIPS 140-2 compliant. Currently, all sub-components in the SOAR architecture operate in the FIPS 140-2 mode. For all sub-components, the FIPS 140-2 mode is always enabled and you do not have the option to disable it.

For more information, see "Using ArcSight Platform and Products in FIPS Mode" in the Administrator’s Guide for ArcSight Platform.

SOAR Licensing

In addition to ESM and Recon users, ArcSight Intelligence users are now entitled to use SOAR without an extra license.

ArcSight SOAR also supports non-autopass ESM licenses. Customers using ESM version 6.11 and later can also use the SOAR capability.

Out of the Box Playbooks

ArcSight SOAR provides out of the box playbook library, which can be used as templates. Customers can customize and use playbooks prepared by Micro Focus experts.

For more information on out of the box playbooks, see the ArcSight SOAR 3.1 User Guide.

MISP Threat Sharing Integration Capabilities

ArcSight SOAR is integrated with MISP Threat Sharing and provides both threat intelligence sharing and enrichment for artifacts capabilities.