SOAPA is happening because enterprise organizations are surrounding SIEM with lots of other security analytics and operations tools to accelerate incident detection and response. As this occurs, many organizations are actively integrating these technologies together with the goal of building an end-to-end, event-driven, security technology architecture. SoapA represents an opportunity to increase industry innovation and ultimately deliver a security architecture that allows customers to increase productivity and accelerate actions while streamlining day-time security operations. SoAPA benefits because customers want to make analytics-driven decisions for incident response.”]
Source: https://www.csoonline.com/article/3197381/splunk-on-soapa-part-1.html