Specifications include, but are not limited to: The University of Maine System sought responses for a Security Orchestration, Automation, and Response (SOAR) Solution. Solution Scope: Security Orchestration, Automation, and Response (SOAR) Solution 1. SaaS / Hosted 2. Built-in support for SSO/OAuth authentication 3. Library of Customizable Playbooks for commonly Used Threat Intel, and Security Operations technologies 4. Built-in integrations for each of the following technologies: 5. Gmail (send & receive), Google Admin API, Splunk API, Tenable.io, CrowdStrike, ActiveDirectory/SCCM, AzureAD, ldap, SQL databases, Syslog 6. Built-in integrations for each of the following threat intel platforms: VirusTotal, Shodan, ShadowServer, HaveIBeenPwned, ProofPoint 7. Built-in integrations for Jira and/or TeamDynamix ticketing Systems 8. Built-in capability to connect SaaS solution with on-prem services that are not internet-facing 9. Built-in support to convert between these common data interchange formats: text, json, excel spreadsheets, csv files 10. Built-in capability to allow customer to create custom workflows using a high-level, Low Code or No Code UI. 11. Built-in capability to allow customer to create custom playbooks/runbook sub-components using javascript or python 12. Built-in capability to allow customer to create integrations for custom REST APIs 13. Built-in capability to allow conditional playbooks/runbooks that are initiated after manual review by security analysts 14. Built-in capability to allow multiple analysts to share case data 15. Licensed capacity for two or more security analysts 16. Built-in dashboards providing overview of alert history, case management, trends, etc
