Security Orchestration, Automation, and Response The term is used to describe three software capabilities which include security incident response, security operations automation ans threat and vulnerability management.