ManageEngine upgrades Log360 with native SOAR capabilities

ManageEngine, a division of Zoho Corporation and a leading provider of enterprise IT management solutions, today announced a core architecture upgrade in Log360, its unified security platform, introducing native SOAR capabilities, seven new integrations with some of the industry’s leading security vendors, and cross-domain orchestration capabilities that places detection, AI investigation, and automated response in a single data model.

Security operations are entering the agentic automation era, albeit with infrastructure that was not built for it. Across most SOCs, tools multiply without converging, each coming with its own alert queue, data model, and demand on analyst time. The visibility problem is rarely a shortage of tooling; it’s a failure of integration. AI agents and autonomous response only work when the layers beneath them share context, and most security stacks today do not.

Log360’s native SOAR is engineered for that shared context. A single playbook can isolate an endpoint through EDR, revoke a compromised session through IAM, enrich the incident with external threat intelligence, open a service ticket, and notify the SOC, all driven by the same alerts, detections, and behavioral signals the platform already produces.

“The next evolution in security operations is about rethinking the architecture so that AI, detection, and response share the same foundation,” said Manikandan Thangaraj, vice president of ManageEngine. “When an AI investigation agent and an orchestration engine operate over the same data model, the friction that has kept security teams reactive for years is eliminated. No API handoffs, no reconstructing context, no gap between insight and action. The best automation isn’t prescriptive, it’s programmable. That’s what we’ve built into Log360.”