DFLabs Workshop: A Deep Dive into Security Orchestration, Automation and Response (SOAR)

REJESTRACJA

Date and Time: 11^th September, 8am-2pm
Breaks (coffee, tea, soft drinks, cakes): 10:00-10:20 ; 12:00-12:20
Price: free for SCS19 participants
Location: Concerto I Conference Room, Sound Garden Hotel
Host and Presenter: Victor Popescu, Solutions Engineer at DFLabs

Victor Popescu Biography

Solutions Engineer, DFLabs

Currently holding the position of Solutions Engineer at DFLabs, Victor supports prospects and customers by providing in-depth and hands on demonstrations and training of DFLabs’ award-winning and innovative SOAR platform, IncMan SOAR, covering the full range of integrations, industry use cases and scenarios.

As a former SOC analyst and security consultant, responsible for security monitoring and incident response for some of the largest companies in Italy, Victor has experienced first-hand many of the challenges and pain points security operations are suffering from today and worked on initiatives to improve their effectiveness and efficiency. Victor holds a Computer Science degree from the University of Turin.

About the Workshop:

The aim of this workshop is to provide cyber security professionals with theoretical knowledge and hands-on experience of a SOAR solution and how it can help to overcome common security operations and incident response challenges and pain points which are being faced today. These challenges include, but are not limited to, a growing volume of alerts, increased workloads and repetitive tasks, a shortage and competition for skilled analysts, a lack of knowledge transfer, as well as more and more disparate tools and technologies being added to the security tool stack.

The main reason why organizations are increasingly implementing a SOAR solution is to ultimately improve their incident response efficiency and effectiveness, by seamlessly orchestrating and automating their security operations and incident response processes and tasks.  SOAR acts as a force multiplier for security teams, enabling them to do more with less. It helps to reduce the risk resulting from incidents, while increasing the return on investment for existing security technologies, also enabling organizations to meet legal and regulatory compliance.

Covering the basic principles to more in-depth processes, the workshop will discuss and demonstrate how a SOAR solution works, showcase a number of essential features and functionality, highlight its capabilities, as well as show how it seamlessly fits within an organizations’ existing security tool stack and environment.

Experience for yourself the benefits of automated and orchestrated security operations and incident response, enabling every security incident to be detected, responded to and remediated in the fastest possible time frame, before becoming a full-on security breach, improving overall operational performance.

Requirements and Prerequisites:

1. Expected requirements and preparation of the participants.

Knowledge of cyber security is required with a specific interest and/or experience in automation and orchestration, incident response and innovative incident response methodologies that could be used within the security operations environment.

All participants will need to be equipped with their own laptop to carry out the hand-on practical tasks.

2. For whom the workshop is for?

The workshop will be aimed at cyber professionals from all levels and backgrounds including SOC Analysts, SOC Managers, CISOs, Security Engineers, Cyber Security Consultants, Cyber Security and any other figure involved in cyber security incident response, looking to learn more about the fundamentals of SOAR and the benefits it can have on any security program.

Workshop Content:

1. Program of the workshop

The workshop will consist of several areas broken down into the following sections. All of the topics will be covered with theoretical explanation and hands on experience.

• An overview of cyber incidents and the challenges security programs currently face
• How automation and orchestration can effectively be used within security operations and incident response
• Introduction to SOAR and how it fits into SOC, CSIRT and MSSP environments
• Implementation of incident response workflows through the use of playbooks and runbooks
• Dashboard and reporting capabilities for the importance of performance measurement
• Q&A session

2. Will the participants receive any materials?

Demonstration slides and a hands-on booklet will be provided to all participants during the event.

3. Will the participants receive any certificates?

All participants will receive a DFLabs SOAR Workshop certificate of attendance which will be emailed to them shortly afterwards.

About DFLabs:

DFLabs is an award-winning and recognized global leader in security orchestration, automation and response (SOAR) technology. The company’s management team has helped shape the cyber security industry, which includes co-editing several industry standards such as ISO 27043 and ISO 30121. Its flagship product, IncMan SOAR, has been adopted by Fortune 500 and Global 2000 organizations worldwide. DFLabs has operations in Europe, North America, and EMEA. For more information, visit www.dflabs.com or connect with us on Twitter @DFLabs.

About IncMan SOAR:

The DFLabs IncMan Security Automation and Orchestration (SOAR) platform automates and orchestrates security operations and incident response tasks including threat qualification, triage and escalation; hunting and investigation; and containment. IncMan SOAR uses machine learning and automated rapid response runbook capabilities as a force multiplier that has enabled security teams to reduce average incident resolution times by up to 90% and increase incident handling by 300%.

Prowadzący:

Marcin Filipiak/Arrow ECS 

Szczegóły informacyjne: