Information security is the central supporting base of the enterprise information framework, and a strong enterprise information framework
helps business advancement. Information security management systems combined with the company's data resources can provide more
effective service for the enterprise. Traditional security approaches
such as firewalls, IDS (Intrusion Detection System), HIPS (Host Intrusion Prevention System), antivirus, and DLP (Data Loss Prevention)
are not capable of working as stand-alone security measures. This thesis tackles the limitations of the current SIEM (Security Information
and Event Management) solutions in spotting possible attacks and
providing automated response mechanisms. The common technique
for attack modeling and security evaluation is to model a criminal's
behavior by generating an attack graph, adding up different security
metrics, and providing risk analysis procedures. Key elements of the suggested architectural solutions for attack modeling and security evaluation lie in the challenge faced when a SIEM shows large amounts of
data. Sometimes, the person handling the monitoring cannot respond
in time. Integrating SOAR (security automation and orchestration)
complements SIEM solutions by providing fast response to incidents