Google announced the acquisition of Siemplify, a security orchestration, automation, and response (SOAR) tool, this past Monday. Google Cloud’s acquisition of a SOAR tool in and of itself is not surprising — this has been a missing piece for its Chronicle offering that other security analytics platforms have built in for the past several years.
What is interesting, however, is the timing of this acquisition, which comes years after the spate of SOAR acquisitions from 2018–2019. Siemplify was one of the few remaining holdouts as a standalone SOAR, as most other independent SOAR vendors were acquired or diversified their portfolio with other products such as threat intelligence platforms (TIPs).
In some ways, that makes this a heady acquisition, as it signals the true end of the standalone SOAR. Forrester predicted early on that the SOAR market could not stand on its own, and given that that was five years ago, it’s starting to feel like we are belaboring the point. The bottom line is this: The SIEM has irrevocably been altered to the more holistic security analytics platform, incorporating SIEM, SOAR, and SUBA in a single offering.
Just offering a piece of the puzzle — a SOAR, a SIEM, or SUBA — is not