The Security Orchestration, Automation, and Response (SOAR) market has seen significant growth in recent years, driven primarily by the need to manage increasingly complex cybersecurity threats. SOAR can deliver comprehensive and efficient incident response to handle these risks.
In this article we will explore the latest statistics and trends that are shaping the SOAR landscape in 2025. These statistics and trends can provide insights into how organizations are using automation to strengthen their security posture, streamline workflows, and maximize the value of their existing security investments.
General Market Statistics
- The security orchestration market is valued at $4.1 billion USD in 2025. This is projected to reach $8.5 billion in 2030, growing at a CAGR of 15.7%.
- In 2024, the software segment held 65.3% of the market share for security orchestration. (The remaining 34.7%was held by the services segment.)
- By industry, the IT / Telecom sector holds the largest market share at 25%. The fastest-growing sector in this market is BFSI (Banking, Financial Services, Insurance), which is estimated to have an 18% growth rate by 2029.
- North America, as a region, has the largest market share, but the Asia-Pacific region is showing the fastest rate of growth.
SOAR Usage And Benefits
- According to Swimlane, enterprise security teams are able to proactively respond to 80% more security telemetry data with SOAR.
- 68% of organizations leave critical vulnerabilities unresolved for over 24 hours. Despite this shortcoming, over half (55%) of organizations lack a comprehensive system for vulnerability prioritization.
- According to Palo Alto Networks, SOAR can reduce the time SOC teams spend on incident remediation by 90%.
- They also reported an 89% reduction in time spent investigating malware incidents and 75% fewer incidents requiring manual interaction.
- IBM’s latest Cost of a Data Breach report found that the average cost savings for organizations that used security AI and automation extensively in prevention versus those that didn’t was $2.2 million USD.
- The number of organizations that used security AI and automation “extensively” grew to 31% in 2024 from 28% in 2023. The share of those using AI and automation on a limited basis also grew from 33% to 36%, a 9.1% increase.
- Organizations “extensively using security AI and automation” identified and contained data breaches nearly 100 days faster on average than organizations that didn’t use these technologies at all.
- Research from Capgemini found that with AI, the overall time taken to detect threats and breaches is reduced by up to 12%. The time taken to remediate a breach or implement patches in response to an attack comes down by the same amount.
- Just over a third of organizations had deployed SOAR, a prerequisite to ensuring optimal output for AI in cybersecurity.
- One significant implementation challenge was raised by half of the respondents: supporting AI algorithms is difficult because of integration challenges with their current infrastructure, data systems, and application landscapes.
Is SOAR Obsolete?
- Gartner’s 2024 Hype Circle for ITSM (IT Service Management) declared the SOAR category “obsolete before plateau.” Despite this, the actual technology behind security orchestration, automation, and response is alive and well. The core features have just been absorbed by other types of solutions over time rather than staying within this one label.
- A senior director analyst at Gartner stated that, “In the latest case, labeling SOAR as obsolete comes as the components of the product category have become subsumed by other products and services, while automation is increasingly an expected feature.”
For more information on SOAR, why not check out some related articles from Expert Insights:
