Transform Risk into Response in Security Incident Management. With STORM.  Learn more.
  • OTRS Software Solutions
    Customizable Software
    OTRS
    OTRS is a highly customizable help desk system. Find your perfect solution.
    Upgrade to OTRS 8
    OTRS On-Premise & Managed Comparison
    ((OTRS)) Community Edition
    OTRS App
    Feature List
    Feature Add-ons
    Solutions for
    IT Service Management
    Support for your IT department with automated, ITIL4-compliant processes
    Office Management
    Automate office management processes with our software solution
    HR Management
    Support your HR team with numerous processes, such as application or leave management
    Information Security Management – CONTROL
    Complete ready-to-implement compliance ISMS solution according to ISO/IEC 27001
    Cyber Defense & SOAR – STORM
    The solution for fast security orchestration, automation, and incident response
    Product and Service Life Cycle
    Release Notes
    Security Advisories
  • Use Cases
    Service Management
    Security Management
    Task Management
    Asset Management
    Technology Management
    Knowledge Management
  • Services
    OTRS Services
    Services
    Consulting, training, customer service: Find official OTRS services
    FAQ
    OTRS Trainings
    Webinars about OTRS
    Get useful information about the latest OTRS version. Watch how OTRS works.
    Academy
    Stay up-to-date with your knowledge about OTRS. Book a training.
    Customer Portal
    Contact Sales
    Contact Consulting
    Contact Customer Service
  • Success Stories
  • OTRSmag
  • Contact
fill 7
fill 7

Transform Risk
into Response
with STORM

  • SOAR Software macht Incident Management schneller & einfacher. Wir zeigen Ihnen wie STORM Cybersecurity- & SOC-Teams zu Höchstleistungen verhilft.

STORM SOAR software means better incident management.

STORM powered by OTRS is cybersecurity incident management software that quickly manages orchestration, automation and response of security incidents.

Plus, there’s a bonus — structured communication. Securely coordinate between IT, security, SOC, risk and management teams too.

Want to see STORM in action?

SOAR software benefits your analysts, SOC and overall organization through automated workflows and built-in intelligence.

Orchestration

Activate the right tools and people instantly – get all hands on deck fast.

Process Automation

Automated IT security processes – no mistakes, no delays.

Incident Management

Prioritize, assess and manage threats faster – focus on what matters most.

Forensics and Compliance

Create audit-proof documentation as you work – guard against future threats.

STORM wins the Incident Management Infosec Award in the Cutting Edge category.

Read more

Infosec Winner Badge 2021

What is a security orchestration, automation and response tool?

SOAR software is a platform used by security operation centers, CSIRT, PSIRTS and other security teams to keep people, processes and tools safe. The incident management software uses automated incident response processes in order to ensure that security and operations teams quickly mitigate threats.

By using a SOAR, no time is wasted in prioritizing, assessing and resolving security incidents.

How Does a SOAR Platform Improve Incident Management?

YouTube

By loading the video, you agree to YouTube’s privacy policy.
Learn more

Load video

Incident management workflows have five high-level steps – incident identification and logging; prioritization and categorization; diagnosis; incident response; and case resolution and closure. SOAR solutions use automation and intelligence to help cybersecurity teams and SOCs facilitate these steps, making incident response quicker.

1. Incident Identification and Logging

Your SIEM gathers possible cybersecurity incident data at lightning speed. With the vast number of alerts coming in, analysts would waste too much time opening and logging cases. Instead, a SOAR uses automation to create new cases.

2. Incident Prioritization and Categorization

Not every SIEM alert is of equal threat to your business. Your cybersecurity team or SOC needs an automation solution to keep up with the influx of alerts. SOAR automation quickly prioritizes each case so that critical incidents are responded to first.

3. Diagnosis

SOAR platforms make diagnosis easier for security analysts. SIEM alerts and other data, like WHOIS or MISP information, are organized in a central location. Intelligence related to their current case is quickly available.

4. Incident Response

Speedy incident response requires the orchestration of many people, tools and services. A SOAR solution automatically notifies all stakeholders – from management and Dev-Ops to IT and operations – that an incident has occurred. Centralized case management in SOAR solutions simplifies orchestration, because each team and service provider documents mitigation steps as they happen; others instantly see progress and status.

5. Case Resolution and Closure

Eventually, the speedy orchestration of all security operations and services results in solutions. To prevent future incidents, SOARs document all response activities in an uneditable way, ensuring that case response is available for forensic evaluation.

From alerts to response, a SOAR platform uses automation to manage the orchestration of all the people, tools, and services needed to ensure speedy incident management and keep your business safer.

STORM has all four necessary SOAR components…and more. STORM features include:

Continuous encryption.
Communicate safely – internally and externally.

  • Encrypt and sign ticket notifications
  • Encrypt emails to multiple recipients
  • Automatically decrypt incoming encrypted email
  • Use Postmaster filters for inbound encrypted email
  • Sign and encrypt ticket notification content
  • Use public S/MIME certificates from the LDAP

Easy integrations.
Maximize existing security tools.

  • Numerous connectivity options via web services
  • Extensive scripting engine to implement your own scripts
  • SIEM data collection

Decision-making data.
Get added oversight and intelligence.

  • In-ticket IP address information, e.g. from WHOIS or other web services
  • In-ticket CVE or MS bulletin details
  • Select the displayed attributes of linked objects, such as tickets
  • Display the order of attributes of linked tickets in individual columns
  • Flexible creation of ticket watchlists to keep you up-to-date, day or night
  • Customized escalation times

How is a SOAR different from a cybersecurity ticketing system?

A cybersecurity ticketing system is the same as a help desk or IT ticketing system. Like an IT ticketing system, a SOAR uses tickets to document and track incidents from start to finish. But that’s only a small part of how a SOAR like STORM helps SOCs, CERTs and other security teams keep businesses safe.

When security incidents strike, companies need software that delivers a coordinated response based on automated IT security processes – a SOAR.

How do I decide between ITSM software and a SOAR?

OTRS ITSM Solution STORM powered by OTRS
Process Automation ITIL and operations ­processes available. Easily define proven ­processes and playbooks.
Reporting Focused on SLAs. Focused on forensics ­and compliance.
Threat Intelligence None. Live data in ticket, e.g. IOCs.
Expertise Possible upon request. Consultants with ready-to-go security ­clearance work with your team ­for approximately 15 days.
Support Desk ­Staffing IT and OTRS product experts. Dedicated security experts.
Test Environment No test instance. Included test instance.

Not sure which is right for you?

STORM was developed by internal OTRS Group security operations experts using the OTRS service management platform as its foundation. OTRS is a world-renowned service management solution that complies with all GDPR-defined processes. The platform has been used by service teams of all sizes, across all industries, since 2001.

Led by the security expertise of the STORM team, the service management solution was developed into a full-fledged SOAR known as STORM.

Get Started with the STORM platform today.

OTRS newsletter

Read more about product features, interesting tips and events in the OTRS newsletter.

We use Keap. Privacy policy