ArcSight SOAR-3.2 Configuring ArcSight SOAR for Effective Threat Response-L3xx (SOAR360)


Course Overview

This course teaches you how to configure ArcSight SOAR to receive alerts, integrate with other products, and create Playbooks.

Who should attend

This course is designed for Security Content Developers, who may be Analysts or Administrators.


This course assumes a familiarity working with ArcSight ESM but it is not required.

Course Objectives

At the end of this course, you should able to :

  • Understand ArcSight SOAR
  • Set up SOAR to receive alerts
  • Understand SOAR workflow
  • Understand SOAR integrations
  • Understand SOAR Users, Groups and SSO
  • Manage SOAR cases
  • Filter, classify, consolidate, and dispatch cases
  • Automate response with workflow playbooks
  • Understand SOAR System status
  • Monitor using SOAR Dashboards & reports

Course Content

  • Module 1: Introduction to ArcSight SOAR
  • Module 2: Setting up SOAR to Receive Alerts
  • Module 3: Understand Soar Workflow
  • Module 4: SOAR Integrations Overview
  • Module 5: SOAR Users, Groups, SSO
  • Module 6: SOAR Case Management
  • Module 7: Filtering, Classifying, Consolidating, and Dispatching Cases
  • Module 8: Automating Responses with Workflow Playbooks
  • Module 9: SOAR System Status
  • Module 10: Monitoring Using SOAR Dashboards and Reports

Prices & Delivery methods

Online Training

3 days

  • on request
Classroom Training

3 days

  • on request


Guaranteed date:   We will carry out all guaranteed training regardless of the number of attendees, exempt from force majeure or other unexpected events, like e.g. accidents or illness of the trainer, which prevent the course from being conducted.
Instructor-led Online Training:   Course conducted online in a virtual classroom.


Time zone: Central European Summer Time (CEST)

Online Training Time zone: Central European Summer Time (CEST) Guaranteed date!
Online Training Time zone: Central European Summer Time (CEST)