{"id":9576,"date":"2021-02-10T00:00:00","date_gmt":"2021-02-10T07:00:00","guid":{"rendered":"https:\/\/swimlane.com\/resource\/your-first-soar-use-case-phishing-triage\/"},"modified":"2025-03-24T13:38:55","modified_gmt":"2025-03-24T19:38:55","slug":"%e6%9c%80%e5%88%9d%e3%81%aesoar%e3%83%a6%e3%83%bc%e3%82%b9%e3%82%b1%e3%83%bc%e3%82%b9%e3%83%95%e3%82%a3%e3%83%83%e3%82%b7%e3%83%b3%e3%82%b0%e3%83%88%e3%83%aa%e3%82%a2%e3%83%bc%e3%82%b8","status":"publish","type":"sw_resource","link":"https:\/\/swimlane.com\/ja\/blog\/your-first-soar-use-case-phishing-triage\/","title":{"rendered":"\u6700\u521d\u306eSOAR\u30e6\u30fc\u30b9\u30b1\u30fc\u30b9\uff1a\u30d5\u30a3\u30c3\u30b7\u30f3\u30b0\u30c8\u30ea\u30a2\u30fc\u30b8"},"content":{"rendered":"\n\n\n<section class=\"bs-section bs-section-f49668dca89a07af4c4bed27713f079b6839f643 bs-section---default bs-section--blog-inner-banner  \"><style>.bs-section.bs-section-f49668dca89a07af4c4bed27713f079b6839f643{ background-color: #000743;} <\/style><div class=\"container\">\n<div class=\"bs-row row  flex-md-row-reverse bs-row---default\">\n<div class=\" bs-column col-sm-12 col-md-12 col-lg-6   bs-column-3c02e72bbbdd27fbc2206a57dc520373f8b450b2 bs-column---default bs-column--right d-flex flex-column justify-content-end    \"><figure class=\"wp-block-post-featured-image\"><img decoding=\"async\" src=\"https:\/\/swimlane.com\/wp-content\/uploads\/Your-First-SOAR-Use-Case-Phishing-Triage.png\" class=\"attachment-post-thumbnail size-post-thumbnail wp-post-image\" alt=\"Email inbox notification icon highlighting phishing triage use case in SOAR and automated email threat response\" style=\"object-fit:cover;\" srcset=\"https:\/\/swimlane.com\/wp-content\/uploads\/Your-First-SOAR-Use-Case-Phishing-Triage.png 800w, https:\/\/swimlane.com\/wp-content\/uploads\/Your-First-SOAR-Use-Case-Phishing-Triage-300x199.png 300w, https:\/\/swimlane.com\/wp-content\/uploads\/Your-First-SOAR-Use-Case-Phishing-Triage-768x510.png 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/figure><\/div>\n\n\n\n<div class=\" bs-column col-sm-12  col-md-12 col-lg-6   bs-column-6a13826d98ae006805bf00373c567a95c3c65a9a bs-column---default d-flex flex-column    \"><div class=\"wp-block-post-date\"><time datetime=\"2021-02-10T00:00:00-07:00\">2\u6708 10, 2021<\/time><\/div>\n\n<h1 class=\"wp-block-post-title has-text-color has-white-color\">Your First SOAR Use Case: Phishing Triage<\/h1>\n\n\n<div class=\"bs-div bs-div-f106fb945b2c4610a440b9e5b4f63c0c1cbbec02 bs-div---default\"><div class=\"bs-div__inner d-flex flex-wrap align-items-center    \">\n<a class=\"bs-post__author has-text-align-center\" href=\"https:\/\/swimlane.com\/ja\/author\/Jay_Spann\/\">\n\t<div class=\"profile-desc\">\n\t\t<figure>\n\t\t\t<img decoding=\"async\" src=\"https:\/\/swimlane.com\/wp-content\/uploads\/author_Jay_Spann.jpeg\" alt=\"user-avatar\">\n\t\t<\/figure>\n\t\t<span class=\"prefix\"><\/span>\n\t\t<span class=\"name\">\n\t\t\tJay Spann\t\t<\/span>\n\t<\/div>\n<\/a>\n\n\n\n<div class=\"reading-time\">\n    <span class=\"reading-time__time\">3 <\/span> Minute Read\n<\/div><\/div><\/div>\n<\/div>\n<\/div>\n<\/div><\/section>\n\n\n\n\n\n\n\n\n\n<section class=\"bs-section bs-section-050e6505c2b06c7ce9ca858e2f56661a365e6ba8 bs-section---default bs-section--blog-inner-main-contents  \"><div class=\"container\">\n<div class=\"bs-row row justify-content-between  bs-row---default\">\n<div class=\" bs-column col-sm-12 col-md-1   bs-column-b9d738473a055284b615b4f50be5a383dfe4cc38 bs-column---default     \"><div class=\"heateor_sss_sharing_container heateor_sss_horizontal_sharing\" data-heateor-ss-offset=\"0\" data-heateor-sss-href='https:\/\/swimlane.com\/ja\/blog\/your-first-soar-use-case-phishing-triage\/'><div class=\"heateor_sss_sharing_ul\"><a aria-label=\"Email\" class=\"heateor_sss_email\" href=\"https:\/\/swimlane.com\/ja\/blog\/your-first-soar-use-case-phishing-triage\/\" onclick=\"event.preventDefault();window.open('mailto:?subject=' + decodeURIComponent('Your%20First%20SOAR%20Use%20Case%3A%20Phishing%20Triage').replace('&', '%26') + '&body=https%3A%2F%2Fswimlane.com%2Fja%2Fblog%2Fyour-first-soar-use-case-phishing-triage%2F', '_blank')\" title=\"Email\" rel=\"noopener\" style=\"font-size:32px!important;box-shadow:none;display:inline-block;vertical-align:middle\"><span class=\"heateor_sss_svg\" style=\"background-color:#649a3f;width:35px;height:35px;border-radius:999px;display:inline-block;opacity:1;float:left;font-size:32px;box-shadow:none;display:inline-block;font-size:16px;padding:0 4px;vertical-align:middle;background-repeat:repeat;overflow:hidden;padding:0;cursor:pointer;box-sizing:content-box\"><svg style=\"display:block;border-radius:999px;\" focusable=\"false\" aria-hidden=\"true\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"100%\" height=\"100%\" viewBox=\"-.75 -.5 36 36\"><path d=\"M 5.5 11 h 23 v 1 l -11 6 l -11 -6 v -1 m 0 2 l 11 6 l 11 -6 v 11 h -22 v -11\" stroke-width=\"1\" fill=\"#fff\"><\/path><\/svg><\/span><\/a><a aria-label=\"Twitter\" class=\"heateor_sss_button_twitter\" href=\"https:\/\/twitter.com\/intent\/tweet?text=Your%20First%20SOAR%20Use%20Case%3A%20Phishing%20Triage&url=https%3A%2F%2Fswimlane.com%2Fja%2Fblog%2Fyour-first-soar-use-case-phishing-triage%2F\" title=\"Twitter\" rel=\"nofollow noopener\" target=\"_blank\" style=\"font-size:32px!important;box-shadow:none;display:inline-block;vertical-align:middle\"><span class=\"heateor_sss_svg heateor_sss_s__default heateor_sss_s_twitter\" style=\"background-color:#55acee;width:35px;height:35px;border-radius:999px;display:inline-block;opacity:1;float:left;font-size:32px;box-shadow:none;display:inline-block;font-size:16px;padding:0 4px;vertical-align:middle;background-repeat:repeat;overflow:hidden;padding:0;cursor:pointer;box-sizing:content-box\"><svg style=\"display:block;border-radius:999px;\" focusable=\"false\" aria-hidden=\"true\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"100%\" height=\"100%\" viewBox=\"-4 -4 39 39\"><path d=\"M28 8.557a9.913 9.913 0 0 1-2.828.775 4.93 4.93 0 0 0 2.166-2.725 9.738 9.738 0 0 1-3.13 1.194 4.92 4.92 0 0 0-3.593-1.55 4.924 4.924 0 0 0-4.794 6.049c-4.09-.21-7.72-2.17-10.15-5.15a4.942 4.942 0 0 0-.665 2.477c0 1.71.87 3.214 2.19 4.1a4.968 4.968 0 0 1-2.23-.616v.06c0 2.39 1.7 4.38 3.952 4.83-.414.115-.85.174-1.297.174-.318 0-.626-.03-.928-.086a4.935 4.935 0 0 0 4.6 3.42 9.893 9.893 0 0 1-6.114 2.107c-.398 0-.79-.023-1.175-.068a13.953 13.953 0 0 0 7.55 2.213c9.056 0 14.01-7.507 14.01-14.013 0-.213-.005-.426-.015-.637.96-.695 1.795-1.56 2.455-2.55z\" fill=\"#fff\"><\/path><\/svg><\/span><\/a><a aria-label=\"Facebook\" class=\"heateor_sss_facebook\" href=\"https:\/\/www.facebook.com\/sharer\/sharer.php?u=https%3A%2F%2Fswimlane.com%2Fja%2Fblog%2Fyour-first-soar-use-case-phishing-triage%2F\" title=\"Facebook\" rel=\"nofollow noopener\" target=\"_blank\" style=\"font-size:32px!important;box-shadow:none;display:inline-block;vertical-align:middle\"><span class=\"heateor_sss_svg\" style=\"background-color:#0765FE;width:35px;height:35px;border-radius:999px;display:inline-block;opacity:1;float:left;font-size:32px;box-shadow:none;display:inline-block;font-size:16px;padding:0 4px;vertical-align:middle;background-repeat:repeat;overflow:hidden;padding:0;cursor:pointer;box-sizing:content-box\"><svg style=\"display:block;border-radius:999px;\" focusable=\"false\" aria-hidden=\"true\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"100%\" height=\"100%\" viewBox=\"0 0 32 32\"><path fill=\"#fff\" d=\"M28 16c0-6.627-5.373-12-12-12S4 9.373 4 16c0 5.628 3.875 10.35 9.101 11.647v-7.98h-2.474V16H13.1v-1.58c0-4.085 1.849-5.978 5.859-5.978.76 0 2.072.15 2.608.298v3.325c-.283-.03-.775-.045-1.386-.045-1.967 0-2.728.745-2.728 2.683V16h3.92l-.673 3.667h-3.247v8.245C23.395 27.195 28 22.135 28 16Z\"><\/path><\/svg><\/span><\/a><a aria-label=\"Linkedin\" class=\"heateor_sss_button_linkedin\" href=\"https:\/\/www.linkedin.com\/sharing\/share-offsite\/?url=https%3A%2F%2Fswimlane.com%2Fja%2Fblog%2Fyour-first-soar-use-case-phishing-triage%2F\" title=\"Linkedin\" rel=\"nofollow noopener\" target=\"_blank\" style=\"font-size:32px!important;box-shadow:none;display:inline-block;vertical-align:middle\"><span class=\"heateor_sss_svg heateor_sss_s__default heateor_sss_s_linkedin\" style=\"background-color:#0077b5;width:35px;height:35px;border-radius:999px;display:inline-block;opacity:1;float:left;font-size:32px;box-shadow:none;display:inline-block;font-size:16px;padding:0 4px;vertical-align:middle;background-repeat:repeat;overflow:hidden;padding:0;cursor:pointer;box-sizing:content-box\"><svg style=\"display:block;border-radius:999px;\" focusable=\"false\" aria-hidden=\"true\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"100%\" height=\"100%\" viewBox=\"0 0 32 32\"><path d=\"M6.227 12.61h4.19v13.48h-4.19V12.61zm2.095-6.7a2.43 2.43 0 0 1 0 4.86c-1.344 0-2.428-1.09-2.428-2.43s1.084-2.43 2.428-2.43m4.72 6.7h4.02v1.84h.058c.56-1.058 1.927-2.176 3.965-2.176 4.238 0 5.02 2.792 5.02 6.42v7.395h-4.183v-6.56c0-1.564-.03-3.574-2.178-3.574-2.18 0-2.514 1.7-2.514 3.46v6.668h-4.187V12.61z\" fill=\"#fff\"><\/path><\/svg><\/span><\/a><\/div><div class=\"heateorSssClear\"><\/div><\/div>\n<\/div>\n\n\n\n<div class=\" bs-column col-sm-12  col-lg-8 col-md-11   bs-column-5fcbee853797bef68c609dd2715f511e3ead78a3 bs-column---default bs-column--contents     \">\n<h2 class=\"wp-block-heading\">&nbsp;<\/h2>\n\n\n\n<p><a href=\"https:\/\/swimlane.com\/resources\/live-demo-combat-phishing-emails-with-soar\" data-redactor-span=\"true\">Phishing<\/a> continues to be a dangerously effective attack method. Roughly <a href=\"https:\/\/www.phishing.org\/phishing-resources\" target=\"_blank\" rel=\"noopener\" data-redactor-span=\"true\">91% of successful attacks start with phishing<\/a>. On average, <a href=\"https:\/\/retruster.com\/blog\/2019-phishing-and-email-fraud-statistics.html#:~:text=Phishing%20and%20the%20Final%20Word,get%20opened%20by%20targeted%20users.\" target=\"_blank\" rel=\"noopener\" data-redactor-span=\"true\">30% of the phishing emails sent get opened and viewed<\/a>. Considering the minuscule cost and effort involved in creating and sending an email, it is <a href=\"https:\/\/www.prnewswire.com\/news-releases\/webroot-report-nearly-half-of-employees-confess-to-clicking-links-in-potential-phishing-emails-at-work-300923877.html\" target=\"_blank\" rel=\"noopener\" data-redactor-span=\"true\">no wonder this method continues to be so popular<\/a> for attackers. And it\u2019s becoming increasingly difficult to spot a phishing attempt. Attackers sending phishing emails can expect between 10% and 15% of the time that the malicious attachment or link will be accessed <a href=\"https:\/\/www.jmir.org\/2020\/1\/e16775\/\" target=\"_blank\" rel=\"noopener\" data-redactor-span=\"true\">in some companies<\/a>.<\/p>\n\n\n\n<p>Without phishing <a href=\"https:\/\/swimlane.com\/solutions\/security-automation-and-orchestration\/security-automation\" data-redactor-span=\"true\">automation<\/a>, an analyst must manually receive a potentially malicious email through some system of detection or by notification from a user. The analyst must then inspect the email and manually extract details to validate them. This means looking at every part of the email in detail (headers, body, everything) and identifying anything that could potentially be an indicator of compromise (IOC). To determine the IOC\u2019s risk, analysts must then access various threat intelligence and enrichment sources. This usually requires copying and pasting information into additional windows or browser tabs to investigate the IOCs and determine their risk. These steps are tedious, time consuming, monotonous, repetitive and easily messed up. Executing the response and any remediation actions adds even more steps and more time to the whole task of handling a single potential phishing message.<\/p>\n\n\n\n<p>An excellent way to combat this problem is to make your existing tools and staff significantly more effective. <a href=\"https:\/\/swimlane.com\/resources\/automating-phishing-alert-triage-demo\" data-redactor-span=\"true\">Automating phishing triage<\/a> with <a href=\"https:\/\/swimlane.com\/platform\/\" data-redactor-span=\"true\">security orchestration, automation and response (SOAR)<\/a> is the way to eliminate most, and in some cases all, of the manual tasks. Additionally, SOAR provides a way to handle every event and all the supporting steps at machine speed. Using Swimlane as your SOAR platform, you can ingest and parse emails, perform the threat intelligence lookups and handle the response and remediation means these steps are executed at speeds well beyond human capability. The steps are also guaranteed to be performed by the book, your playbook. Swimlane does not miss a step or accidentally make a mistake, so the accuracy exceeds human capability as well. Most importantly, SOAR handles the tedious, monotonous, repetitive tasks that quickly burnout and overwhelm analysts. This means analysts are freed up to contribute value to more important human tasks like research, threat hunting and expert evaluation of questionable events. The diagram below shows an overall view of one way phishing triage can be accomplished with Swimlane.<\/p>\n\n\n\n<figure class=\"wp-block-image c-figure--center\"><img decoding=\"async\" src=\"https:\/\/swimlane.com\/assets\/uploads\/images\/Phishing-Triage_blog.png\" alt=\"Your First SOAR Use Case Phishing Triage\" title=\"Your First SOAR Use Case Phishing Triage\"\/><\/figure>\n\n\n\n<p>This phishing incident workflow starts with Swimlane ingesting an email from a monitored organization mailbox where users send suspected spam and <a href=\"https:\/\/swimlane.com\/resources\/live-demo-combat-phishing-emails-with-soar\" data-redactor-span=\"true\">phishing emails<\/a>. When any email arrives, it is automatically ingested and parsed. Details like the header, subject, body, and email addresses are placed into data fields in a newly created case record. Potential IOCs like IP addresses, URLs and domains are also parsed into the appropriate fields. As the IOCs are identified by the workflow, integrations with other tools are automatically engaged to enrich the data and determine the associated level of risk. The phishing workflow also uses integrations to verify user details and, if desired, add additional user information to the record. Attachments or URLs found in the email are deployed using a sandbox resource and evaluated. This workflow also employs fuzzy hashing to match data to other known events.<\/p>\n\n\n\n<p>The data returned from the various tools and resources is immediately added to the record. The workflow uses the combined information in the record to determine an overall risk score and whether the <a href=\"https:\/\/swimlane.com\/resources\/live-demo-combat-phishing-emails-with-soar\" data-redactor-span=\"true\">phishing email<\/a> should be considered malicious, suspicious or benign. If the overall risk is severe and indicates the email is malicious, the workflow executes the designated response and\/or remediation. In this example that includes steps like automatically quarantining the endpoint using the EDR tool, automatically generating and assigning an IT ticket to have the system restored to a non-infected state and a notification to the SOC and the user letting them know about the situation.<\/p>\n\n\n\n<p><a href=\"https:\/\/swimlane.com\/platform\/\" rel=\"noopener\" data-redactor-span=\"true\">Swimlane<\/a> also enables the automation of additional proactive tasks like threat hunting. When a malicious email is found, the SOAR solution can immediately search all the organization\u2019s mailboxes and identify any other mailboxes where that malicious indicators are present. Depending on the desired level of automation, those additional emails can be automatically deleted or automatically presented to an analyst with a single click option for the chosen action. <a href=\"https:\/\/swimlane.com\/resources\/live-demo-combat-phishing-emails-with-soar\" data-redactor-span=\"true\">Automating phishing alert triage<\/a> is just one use case example of what SOAR can do for your organization. <a href=\"https:\/\/swimlane.com\/resources\/\" data-redactor-span=\"true\">Dive in with us<\/a> to learn more!<\/p>\n<\/div>\n\n\n\n<div class=\" bs-column col-sm-12  col-md-12 col-lg-3   bs-column-4ffac197d945e44dadadc9d8f52ba4737135ba21 bs-column---default     \">\n<div class=\"bs-div bs-div-ffc71f24880cf5ca65c4a54e87fb14a656cc562d bs-div---default bs-div--tags\"><div class=\"bs-div__inner     \">\n<h2 class=\"wp-block-heading\" id=\"h-tags\">Tags<\/h2>\n\n\n<div class=\"post-tag-wrapper\">\n    <p><\/p><\/div>\n<\/div><\/div>\n\n\n\n<div class=\"bs-div bs-div-69c461f15bb5fa3fc09d1aa73a0e5865005218ff bs-div---default bs-div--related-posts\"><div class=\"bs-div__inner     \">\n<h2 class=\"wp-block-heading\" id=\"h-related-posts\">Related Posts<\/h2>\n\n\n\n<div class=\"bs-related-posts bs-related-posts-block---default\"><div class=\"bs-related-posts__container\"><div class=\"bs-related-posts__items\">\n<div class=\" bs-column col-sm-4   bs-column-4bb8c1b66cb5e72c43988fbaf017046daf38fc18 bs-column---default     \">\t\t\t\t\t<div class=\"bs-post bs-post-69eb49a14d02b bs-single-post---default enable\" >\n\t\t\t<a class=\"bs-post__trigger\" href='https:\/\/swimlane.com\/ja\/blog\/mobile-phishing\/' target='_self'>\t\t\t<div class=\"bs-post__inner\">\n\t\t\t\t<div class=\"bs-post__details\">    <div class=\"bs-post__date\">\n        <span>3\u6708 26, 2025<\/span>\n    <\/div>\n    <div class=\"bs-post__title\">\n        <h5>The Rise of Mobile Phishing and How to Prevent Mobile Phishing<\/h5>\n    <\/div>\n<div class=\"bs-post__learn-more\">\n    <span class='btn learn-more-text bs-post__learn-more-text'>Read More<\/span><\/div>\n<\/div>\t\t\t<\/div>\n\t\t\t<\/a>\t\t<\/div>\n\t<\/div>\n\n\n\n<div class=\" bs-column col-sm-4   bs-column-4bb8c1b66cb5e72c43988fbaf017046daf38fc18 bs-column---default     \">\t\t\t\t\t<div class=\"bs-post bs-post-69eb49a14e526 bs-single-post---default enable\" >\n\t\t\t<a class=\"bs-post__trigger\" href='https:\/\/swimlane.com\/ja\/blog\/inside-rsa-2024-triumphs-and-tribulations\/' target='_self'>\t\t\t<div class=\"bs-post__inner\">\n\t\t\t\t<div class=\"bs-post__details\">    <div class=\"bs-post__date\">\n        <span>5\u6708 10, 2024<\/span>\n    <\/div>\n    <div class=\"bs-post__title\">\n        <h5>Inside RSA 2024: Triumphs and Tribulations of a First-Time Attendee<\/h5>\n    <\/div>\n<div class=\"bs-post__learn-more\">\n    <span class='btn learn-more-text bs-post__learn-more-text'>Read More<\/span><\/div>\n<\/div>\t\t\t<\/div>\n\t\t\t<\/a>\t\t<\/div>\n\t<\/div>\n\n\n\n<div class=\" bs-column col-sm-4   bs-column-4bb8c1b66cb5e72c43988fbaf017046daf38fc18 bs-column---default     \">\t\t\t\t\t<div class=\"bs-post bs-post-69eb49a14f68f bs-single-post---default enable\" >\n\t\t\t<a class=\"bs-post__trigger\" href='https:\/\/swimlane.com\/ja\/blog\/beyond-black-friday\/' target='_self'>\t\t\t<div class=\"bs-post__inner\">\n\t\t\t\t<div class=\"bs-post__details\">    <div class=\"bs-post__date\">\n        <span>11\u6708 17, 2021<\/span>\n    <\/div>\n    <div class=\"bs-post__title\">\n        <h5>Cybersecurity Beyond Black Friday: Retail Security Automation Use Case<\/h5>\n    <\/div>\n<div class=\"bs-post__learn-more\">\n    <span class='btn learn-more-text bs-post__learn-more-text'>Read More<\/span><\/div>\n<\/div>\t\t\t<\/div>\n\t\t\t<\/a>\t\t<\/div>\n\t<\/div>\n<\/div><\/div><\/div>\n<\/div><\/div>\n\n\n<\/div>\n<\/div>\n<\/div><\/section>\n\n\n\n<section class=\"bs-section bs-section-2a4a600ae9ab197b6a4ccafe05152bf1a2fde1d1 bs-section---default bs-section--newsletter bs-section--common-marketo-form bs-section--common-marketo-form-two-columns  \"><style>.bs-section.bs-section-2a4a600ae9ab197b6a4ccafe05152bf1a2fde1d1{ background-color: #000743;} <\/style><div class=\"container-fluid\">\n<div class=\"bs-row row   bs-row---default\">\n<div class=\" bs-column col-sm-0 col-md-0 col-lg-6   bs-column-df5e10bef85c15055718b4d93887855962017939 bs-column---default     \">\n<h2 class=\"wp-block-heading has-white-color has-text-color\" id=\"requestor\">Request a Live Demo<\/h2>\n<\/div>\n\n\n\n<div class=\" bs-column col-sm-0 col-md-0 col-lg-6   bs-column-df5e10bef85c15055718b4d93887855962017939 bs-column---default     \"><div class='media-elements bs-media-element---default enable'>    <div class='bs-common-image'>\n                            <figure class='figure justify-content-start d-flex'>\n                            <picture>\n                            \n                            <img src='https:\/\/swimlane.com\/wp-content\/uploads\/liitp.svg' class='img-fluid'   alt='' title=''  \/>\n                            <\/picture>\n                                \n                            <\/figure>\n                        <\/div><\/div>\n\n<script src=\"\/\/pages.swimlane.com\/js\/forms2\/js\/forms2.min.js\"><\/script>\n<form id=\"mktoForm_1017\"><\/form>\n<script>\n    var embeddedFormId = '05a6905d0187a23e165b2fd995e965fe15cb94f6';\n    var marketoBaseUrl = '\/\/pages.swimlane.com';\n    var munchkinId = '978-QCM-390';\n    var formId = '1017';\n    var responseType = 'redirect';\n    var responseMessage = 'Thank you!';\n    var redirectURL = '';\n    var downloadFileURL = '';\n    var linkOpenType = '_self';\n    var popupVideo = 'url';\n    var popupVideoURL = '';\n    var popupVideoUploadURL = '';\n    MktoForms2.loadForm(marketoBaseUrl, munchkinId, formId, function(form) {\n        form.onSuccess(function(values, followUpUrl) {\n            document.getElementById(\"int_mktoForm_\" + formId).innerHTML = responseMessage;\n                    });\n    });\n<\/script>\n<div class=\"form-submit-note\" id=\"int_mktoForm_1017\"><\/div>\n<!-- Incluing form response options -->\n\n\n\n<script>\n    (function() {\n        \/\/ Please include the email domains you would like to block in this list\n        var invalidDomains = [\"@gmail.\", \"@yahoo.\", \"@hotmail.\", \"@live.\", \"@icloud.\",\"@aol.\", \"@outlook.\", \"@proton.\", \"@mailinator.\"];\n\n\n        MktoForms2.whenReady(function(form) {\n            form.onValidate(function() {\n                var email = form.vals().Email;\n                if (email) {\n                    if (!isEmailGood(email)) {\n                        form.submitable(false);\n                        var emailElem = form.getFormElem().find(\"#Email\");\n                        form.showErrorMessage(\"Must be Business email.\", emailElem);\n                    } else {\n                        form.submitable(true);\n                    }\n                }\n            });\n        });\n\n        function isEmailGood(email) {\n            for (var i = 0; i < invalidDomains.length; i++) {\n                var domain = invalidDomains[i];\n                if (email.indexOf(domain) != -1) {\n                    return false;\n                }\n            }\n            return true;\n        }\n\n\n    })(); \n<\/script>\n<\/div>\n<\/div>\n<\/div><\/section>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":29,"featured_media":9577,"template":"","meta":{"_acf_changed":false,"show_custom_date":false,"custom_date":"","featured":false,"featured_image":0,"learn_more_label":"","image_alt_text":"","learn_more_type":"","learn_more_link":[],"show_popup":false,"disable_iframe":false,"enable_lazy_loading":false,"learn_more_link_file":0,"event_date":false,"event_start_date":"","event_end_date":"","featured_page_list":[],"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","inline_featured_image":false,"footnotes":""},"tags":[],"resource-type":[67],"resource-topic":[],"resource-industry":[],"blog-category":[69],"class_list":["post-9576","sw_resource","type-sw_resource","status-publish","has-post-thumbnail","hentry","resource-type-blogs","blog-category-use-cases"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.5 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Your First SOAR Use Case: Phishing Triage<\/title>\n<meta name=\"description\" content=\"Tracking ROI in real time with SOAR is easy to accomplish. SOAR implementation\u200b also dramatically improves the analyst&#039;s activities.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/swimlane.com\/ja\/\u30d6\u30ed\u30b0\/\u6700\u521d\u306esoar\u30e6\u30fc\u30b9\u30b1\u30fc\u30b9\u30d5\u30a3\u30c3\u30b7\u30f3\u30b0\u30c8\u30ea\u30a2\u30fc\u30b8\/\" \/>\n<meta property=\"og:locale\" content=\"ja_JP\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Your First SOAR Use Case: Phishing Triage\" \/>\n<meta property=\"og:description\" content=\"Tracking ROI in real time with SOAR is easy to accomplish. SOAR implementation\u200b also dramatically improves the analyst&#039;s activities.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/swimlane.com\/ja\/\u30d6\u30ed\u30b0\/\u6700\u521d\u306esoar\u30e6\u30fc\u30b9\u30b1\u30fc\u30b9\u30d5\u30a3\u30c3\u30b7\u30f3\u30b0\u30c8\u30ea\u30a2\u30fc\u30b8\/\" \/>\n<meta property=\"og:site_name\" content=\"AI Security Automation\" \/>\n<meta property=\"article:modified_time\" content=\"2025-03-24T19:38:55+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/swimlane.com\/wp-content\/uploads\/Your-First-SOAR-Use-Case-Phishing-Triage.png\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"531\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@swimlane\" \/>\n<meta name=\"twitter:label1\" content=\"\u63a8\u5b9a\u8aad\u307f\u53d6\u308a\u6642\u9593\" \/>\n\t<meta name=\"twitter:data1\" content=\"4\u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/swimlane.com\\\/ja\\\/blog\\\/your-first-soar-use-case-phishing-triage\\\/\",\"url\":\"https:\\\/\\\/swimlane.com\\\/ja\\\/blog\\\/your-first-soar-use-case-phishing-triage\\\/\",\"name\":\"Your First SOAR Use Case: Phishing Triage\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/swimlane.com\\\/ja\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/swimlane.com\\\/ja\\\/blog\\\/your-first-soar-use-case-phishing-triage\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/swimlane.com\\\/ja\\\/blog\\\/your-first-soar-use-case-phishing-triage\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/swimlane.com\\\/wp-content\\\/uploads\\\/Your-First-SOAR-Use-Case-Phishing-Triage.png\",\"datePublished\":\"2021-02-10T07:00:00+00:00\",\"dateModified\":\"2025-03-24T19:38:55+00:00\",\"description\":\"Tracking ROI in real time with SOAR is easy to accomplish. SOAR implementation\u200b also dramatically improves the analyst's activities.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/swimlane.com\\\/ja\\\/blog\\\/your-first-soar-use-case-phishing-triage\\\/#breadcrumb\"},\"inLanguage\":\"ja\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/swimlane.com\\\/ja\\\/blog\\\/your-first-soar-use-case-phishing-triage\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"ja\",\"@id\":\"https:\\\/\\\/swimlane.com\\\/ja\\\/blog\\\/your-first-soar-use-case-phishing-triage\\\/#primaryimage\",\"url\":\"https:\\\/\\\/swimlane.com\\\/wp-content\\\/uploads\\\/Your-First-SOAR-Use-Case-Phishing-Triage.png\",\"contentUrl\":\"https:\\\/\\\/swimlane.com\\\/wp-content\\\/uploads\\\/Your-First-SOAR-Use-Case-Phishing-Triage.png\",\"width\":800,\"height\":531,\"caption\":\"Email inbox notification icon highlighting phishing triage use case in SOAR and automated email threat response\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/swimlane.com\\\/ja\\\/blog\\\/your-first-soar-use-case-phishing-triage\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/swimlane.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Your First SOAR Use Case: Phishing Triage\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/swimlane.com\\\/ja\\\/#website\",\"url\":\"https:\\\/\\\/swimlane.com\\\/ja\\\/\",\"name\":\"Low-Code Security Automation & SOAR Platform | Swimlane\",\"description\":\"Agentic AI automation for every security function\",\"publisher\":{\"@id\":\"https:\\\/\\\/swimlane.com\\\/ja\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/swimlane.com\\\/ja\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"ja\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/swimlane.com\\\/ja\\\/#organization\",\"name\":\"Low-Code Security Automation & SOAR Platform | Swimlane\",\"url\":\"https:\\\/\\\/swimlane.com\\\/ja\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"ja\",\"@id\":\"https:\\\/\\\/swimlane.com\\\/ja\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/swimlane.com\\\/wp-content\\\/uploads\\\/sw-inline-logo-color-white.svg\",\"contentUrl\":\"https:\\\/\\\/swimlane.com\\\/wp-content\\\/uploads\\\/sw-inline-logo-color-white.svg\",\"width\":912,\"height\":190,\"caption\":\"Low-Code Security Automation & SOAR Platform | Swimlane\"},\"image\":{\"@id\":\"https:\\\/\\\/swimlane.com\\\/ja\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/swimlane\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/swimlane\\\/\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u6700\u521d\u306eSOAR\u30e6\u30fc\u30b9\u30b1\u30fc\u30b9\uff1a\u30d5\u30a3\u30c3\u30b7\u30f3\u30b0\u30c8\u30ea\u30a2\u30fc\u30b8","description":"SOAR\u3092\u4f7f\u3048\u3070\u3001ROI\u3092\u30ea\u30a2\u30eb\u30bf\u30a4\u30e0\u3067\u7c21\u5358\u306b\u8ffd\u8de1\u3067\u304d\u307e\u3059\u3002SOAR\u306e\u5c0e\u5165\u306b\u3088\u308a\u3001\u30a2\u30ca\u30ea\u30b9\u30c8\u306e\u696d\u52d9\u3082\u5287\u7684\u306b\u6539\u5584\u3055\u308c\u307e\u3059\u3002.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/swimlane.com\/ja\/\u30d6\u30ed\u30b0\/\u6700\u521d\u306esoar\u30e6\u30fc\u30b9\u30b1\u30fc\u30b9\u30d5\u30a3\u30c3\u30b7\u30f3\u30b0\u30c8\u30ea\u30a2\u30fc\u30b8\/","og_locale":"ja_JP","og_type":"article","og_title":"Your First SOAR Use Case: Phishing Triage","og_description":"Tracking ROI in real time with SOAR is easy to accomplish. SOAR implementation\u200b also dramatically improves the analyst's activities.","og_url":"https:\/\/swimlane.com\/ja\/\u30d6\u30ed\u30b0\/\u6700\u521d\u306esoar\u30e6\u30fc\u30b9\u30b1\u30fc\u30b9\u30d5\u30a3\u30c3\u30b7\u30f3\u30b0\u30c8\u30ea\u30a2\u30fc\u30b8\/","og_site_name":"AI Security Automation","article_modified_time":"2025-03-24T19:38:55+00:00","og_image":[{"width":800,"height":531,"url":"https:\/\/swimlane.com\/wp-content\/uploads\/Your-First-SOAR-Use-Case-Phishing-Triage.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_site":"@swimlane","twitter_misc":{"\u63a8\u5b9a\u8aad\u307f\u53d6\u308a\u6642\u9593":"4\u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/swimlane.com\/ja\/blog\/your-first-soar-use-case-phishing-triage\/","url":"https:\/\/swimlane.com\/ja\/blog\/your-first-soar-use-case-phishing-triage\/","name":"\u6700\u521d\u306eSOAR\u30e6\u30fc\u30b9\u30b1\u30fc\u30b9\uff1a\u30d5\u30a3\u30c3\u30b7\u30f3\u30b0\u30c8\u30ea\u30a2\u30fc\u30b8","isPartOf":{"@id":"https:\/\/swimlane.com\/ja\/#website"},"primaryImageOfPage":{"@id":"https:\/\/swimlane.com\/ja\/blog\/your-first-soar-use-case-phishing-triage\/#primaryimage"},"image":{"@id":"https:\/\/swimlane.com\/ja\/blog\/your-first-soar-use-case-phishing-triage\/#primaryimage"},"thumbnailUrl":"https:\/\/swimlane.com\/wp-content\/uploads\/Your-First-SOAR-Use-Case-Phishing-Triage.png","datePublished":"2021-02-10T07:00:00+00:00","dateModified":"2025-03-24T19:38:55+00:00","description":"SOAR\u3092\u4f7f\u3048\u3070\u3001ROI\u3092\u30ea\u30a2\u30eb\u30bf\u30a4\u30e0\u3067\u7c21\u5358\u306b\u8ffd\u8de1\u3067\u304d\u307e\u3059\u3002SOAR\u306e\u5c0e\u5165\u306b\u3088\u308a\u3001\u30a2\u30ca\u30ea\u30b9\u30c8\u306e\u696d\u52d9\u3082\u5287\u7684\u306b\u6539\u5584\u3055\u308c\u307e\u3059\u3002.","breadcrumb":{"@id":"https:\/\/swimlane.com\/ja\/blog\/your-first-soar-use-case-phishing-triage\/#breadcrumb"},"inLanguage":"ja","potentialAction":[{"@type":"ReadAction","target":["https:\/\/swimlane.com\/ja\/blog\/your-first-soar-use-case-phishing-triage\/"]}]},{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/swimlane.com\/ja\/blog\/your-first-soar-use-case-phishing-triage\/#primaryimage","url":"https:\/\/swimlane.com\/wp-content\/uploads\/Your-First-SOAR-Use-Case-Phishing-Triage.png","contentUrl":"https:\/\/swimlane.com\/wp-content\/uploads\/Your-First-SOAR-Use-Case-Phishing-Triage.png","width":800,"height":531,"caption":"Email inbox notification icon highlighting phishing triage use case in SOAR and automated email threat response"},{"@type":"BreadcrumbList","@id":"https:\/\/swimlane.com\/ja\/blog\/your-first-soar-use-case-phishing-triage\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/swimlane.com\/"},{"@type":"ListItem","position":2,"name":"Your First SOAR Use Case: Phishing Triage"}]},{"@type":"WebSite","@id":"https:\/\/swimlane.com\/ja\/#website","url":"https:\/\/swimlane.com\/ja\/","name":"\u30ed\u30fc\u30b3\u30fc\u30c9\u30fb\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30aa\u30fc\u30c8\u30e1\u30fc\u30b7\u30e7\u30f3\uff06SOAR\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\uff5c\u30b9\u30a4\u30e0\u30ec\u30fc\u30f3","description":"\u3042\u3089\u3086\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u6a5f\u80fd\u3092\u30a8\u30fc\u30b8\u30a7\u30f3\u30c8\u578bAI\u3067\u81ea\u52d5\u5316","publisher":{"@id":"https:\/\/swimlane.com\/ja\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/swimlane.com\/ja\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"ja"},{"@type":"Organization","@id":"https:\/\/swimlane.com\/ja\/#organization","name":"\u30ed\u30fc\u30b3\u30fc\u30c9\u30fb\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30aa\u30fc\u30c8\u30e1\u30fc\u30b7\u30e7\u30f3\uff06SOAR\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\uff5c\u30b9\u30a4\u30e0\u30ec\u30fc\u30f3","url":"https:\/\/swimlane.com\/ja\/","logo":{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/swimlane.com\/ja\/#\/schema\/logo\/image\/","url":"https:\/\/swimlane.com\/wp-content\/uploads\/sw-inline-logo-color-white.svg","contentUrl":"https:\/\/swimlane.com\/wp-content\/uploads\/sw-inline-logo-color-white.svg","width":912,"height":190,"caption":"Low-Code Security Automation & SOAR Platform | Swimlane"},"image":{"@id":"https:\/\/swimlane.com\/ja\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/swimlane","https:\/\/www.linkedin.com\/company\/swimlane\/"]}]}},"publishpress_future_workflow_manual_trigger":{"enabledWorkflows":[]},"_links":{"self":[{"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/sw_resource\/9576","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/sw_resource"}],"about":[{"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/types\/sw_resource"}],"author":[{"embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/users\/29"}],"version-history":[{"count":0,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/sw_resource\/9576\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/media\/9577"}],"wp:attachment":[{"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/media?parent=9576"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/tags?post=9576"},{"taxonomy":"resource-type","embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/resource-type?post=9576"},{"taxonomy":"resource-topic","embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/resource-topic?post=9576"},{"taxonomy":"resource-industry","embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/resource-industry?post=9576"},{"taxonomy":"blog-category","embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/blog-category?post=9576"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}