Detection cannot be outSOARced

Alex Teixeira
4 min read, Apr 3

After integrating so many tools and data sources into all sorts of security monitoring workflows and processes, let me share a few thoughts on SOAR and how it actually helps (or hinders) the challenge of threat detection based on log telemetry, which is usually tackled with a SIEM.

Why SOAR?

Before exploring this question, let me share a quick definition I found on a website after picking one of the first search hits:

SOAR: technology that enables organizations to take inputs from a variety of sources (mostly from…

I design and build threat detection models and triage/hunting interfaces for Enterprise #SecOps teams #DetectionEngineering http://opstune.com