Cyber Solutions Fest: Level SOC & SOAR

  • Webcast Scheduled to Air Thursday, 21 Oct 2021 8:30AM EST (21 Oct 2021 12:30 UTC)
  • Speaker: Christopher Crowley

You are entering Level SOC & SOAR at the SANS Cyber Solutions Fest 2021.

This full-day session will feature Christopher Crowley and invited guest speakers as they uncover how SOAR systems can help organizations define, prioritize, and standardize responses to cyber attacks. Discover how security teams can gain insight into an attacker's tactics, techniques, and procedures (TTPs) and known indicators of compromise (IOCs).




Agenda | 8:30 AM - 5:00 PM ET

Featured Presentations

Tracking Internet “Noise” to Reduce Alerts and Predict Attacks

Every machine connected to the internet gets slammed with unsolicited communications from tens of thousands of IP addresses every day. This massive volume of “internet noise” triggers security tools to generate thousands of events that SOC teams must analyze, even though much of the traffic is harmless opportunistic scanning or common business services. But today, a new generation of threat intelligence is emerging that gives analysts the context they need to confidently ignore irrelevant or harmless activity, creating more time to uncover and investigate true threats.

Join this session to hear how GreyNoise data can be used to reduce alert fatigue, identify compromised devices, and predict malicious activity.

Learn about:

  • The challenges of internet noise
  • GreyNoise’s internet-wide sensor network
  • How GreyNoise customers are reducing their alert loads by 25% or more
  • And check out a live demo of the FREE GreyNoise service

Better SOC/SOAR Efficiency with Better Threat Intelligence: 3 Ways to Get There (Reversing Labs Session)

We live and work in an age where every minute counts, and threat actors employ more and more advanced techniques to evade detection by traditional security tools such as AVs, sandboxes, and processes. Learn in this session from an industry-leading expert in SOAR how applying the right threat intelligence can greatly improve the SOC's efficiency, catch the bad guys earlier on, and avoid the pitfall of being patient zero.

The key session topics will be:

  • Increasing the overall detection of malicious files through a zero-trust approach
  • Automation of L1 triage and why many organizations spend too long investigating false positive alerts
  • Automation of malware analysis with explainable and actionable threat intelligence

End Cyber Risk with Security Operations

Cyber risk is a business risk. Unfortunately, the cybersecurity industry has shown an effectiveness problem in reducing cyber risk for organizations. Every year we’ve witnessed new technologies, vendors, and solutions emerge—yet despite this constant innovation, high-profile breaches continue to make the headlines.

Join us as we discuss:

  • How you can build on the cybersecurity investments and resources you already have
  • The Security Operations framework, what it is, and how you can implement it to enhance your overall security posture
  • How to build and sustain resilience into your security posture moving forward, ultimately helping your organization end cyber risk

Track “Things”, Gain Better Visibility and Investigate Incidents Faster using IPAM Asset Data

Responding to security events requires sophisticated investigation skills and gathering of data from multiple sources to accurately understand the severity of an attack and identify affected devices. This data gathering can often be a manual, laborious process and involve co-ordination with multiple groups within the company. And even then, visibility gaps exist. Without a centralized database of things that connect to the network, tracking becomes difficult. Without understanding the role of assets involved in a breach, prioritization can be misplaced.

Join this session to gain insights into:

  • The role IP address management (IPAM) data plays in threat investigation
  • How to use this data for tracking, prioritization and faster response
  • Ecosystem integrations that enrich your SIEM/SOAR with this critical data

Cyber Resilience for Digital Operations

Security operations needs context awareness to ensure the success of business initiatives in a world of advanced, targeted attacks. Netenrich empowers security, IT and cloud operations to thrive during adversity with adaptive incident resolution using real-time, data-driven risk and trust-based decision making. The Netenrich Resolution Intelligence platform streamlines the process of managing, analyzing, and fixing the root cause of incidents to prevent future disruption.

Level SOC & SOAR with Chris Crowley

Hear what Chris Crowley has to say about Level SOC & SOAR and what you can expect from attending.

Cybersecurity Solutions for Today's Challenges

The 2nd annual SANS Cyber Solutions Fest aims to connect cybersecurity professionals of all levels with the latest solutions, tools, and techniques to combat today's cybersecurity threats.

  • Featuring 4 unique levels: Threat Hunting & Intel, SOC & SOAR, MITRE ATT&CK®, and Cloud Security
  • Network in real-time with over 30 sponsors and learn from top industry experts
  • Join interactive panel discussions, discover job opportunities, compete in games for multiple prizes, and more