Getting Started

Energy SOAR is a security orchestration, automation, and response platform for SOC teams. It handles the full incident lifecycle: alerts arrive from connected sources, analysts triage and promote them to cases, observables run through analyzers automatically, and response playbooks execute against your infrastructure.

This chapter covers two tasks that together take under 30 minutes. First Login walks through credential-based and SSO authentication. After login, analysts land on the Cases list and platform administrators on the Organisations list. First Investigation runs a complete cycle from a real alert: triage, case creation, adding an observable, running an analyzer, and closing the case. Read both before moving to Installation or Configuration.

• First Login
• First Investigation