Hacking your SOEL: SOC Automation and Orchestration – SANS Security Operations Summit 2018

Video Link: https://www.youtube.com/watch?v=_mnxZ1iSUGg



Duration: 36:23


SANS Summit schedule: http://www.sans.org/u/DuS

Hacking your SOEL: SOC Automation and Orchestration

Rob Gresham, Security Solutions Architect, Splunk

The world of daily IT security operations has not changed significantly for the past decade as far as process enablement, but now a new technology has arrived, enabling security teams to operate better, stronger, and faster. Now with automation and orchestration, those mundane processes can be handled by computers, allowing the SOC team to truly focus on identifying and responding to the real threats and attacks. Are you using the machine, or is the machine using you? Hacking your Security Operations Event Lifecycle (SOEL) is about looking at these processes, whether it’s a two-person security operation or a full complement SOC. This presentation will explain how to start identifying the processes that computers can handle on your behalf, and how to go beyond just simple use cases to truly leverage all available security tools to enable agile detection and adaptive response. And if you don’t have those initial processes written down, we will explain how to hack your SOEL model to get efficiency and effectiveness going. Security automation and orchestration isn’t just for big SOC operations or MSSPs.






