Supporting Programme 2018
Splunk - How to make your security operations more effective with the help of SOAR technology
How many alarms can your Security Operations team process in real time so that the threat or security incident can be averted? Not enough? Is the most valuable of all resources - the Security Analyte - missing?
Many companies are in the same boat and are looking for ways to increase the level of protection of IT security operations through more effective use of existing security experts.
Security operation departments that use "Security Orchestration, Automation & Response (SOAR)" platforms for automated and consistent processing of workflows experience exactly this increase in efficiency.
What you see in this lecture:
- Necessary steps to process an example security alert - Phishing Email
- Which applications and tools the IT security expert uses for this purpose?
- How the processing of automatable steps with SOAR technology looks like and how the security analyst focuses on the really important things
--- Date: 11.10.2018 Time: 11:30 AM - 11:45 AM Location: Forum M10 - Management