Architecture Overview
The Chronicle SOAR platform is used to manage the entire security operations process in an MSSP or enterprise SOC. The platform provides solutions for two major fields:
Handling and solving security threats
- Data ingestion & transformation
- Data enrichment
- Data fusion
- Alert grouping
- Alert prioritization
- Visualization & dashboards
- Orchestration
- Automation
- Response
SOC management
- Case management and auditing
- Collaboration and escalation
- End customers management
- KPIs and ROI measurements
- Reporting
- Maintaining the knowledge base of the SOC
Chronicle SOAR offers multiple deployment modes to support scaled solutions. In addition, the system provides full multi-tenancy to support MMSP/MSSP requirements and use cases.