Save $200 on Cyber Security Training at SANS Miami 2018. Ends 12/27.

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Live Demonstration: Automating Enterprise Security Response

  • Tuesday, June 20th, 2017 at 1:00 PM EDT (17:00:00 UTC)
  • Alex Cox, Piero DePaoli, and John Strand
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsor

  • ServiceNow

You can now attend the webcast using your mobile device!

Overview

You've likely invested in the best security products to protect your organization. But what happens when there is an actual security incident? How do you combine the power of these products to prioritize and resolve the most critical threats first?

Join Alex Cox and Piero DePaoli, security leaders at ServiceNow, for a live demonstration and discussion around integrating ServiceNow Security Operations with third-party security products, including Palo Alto Networks' solutions. See how you can automatically create and enrich security incidents with relevant threat intelligence data, and fast-track them through to resolution with automated security response processes.

Live Demonstration Highlights:

  • How to automatically create security incidents within ServiceNow Security Operations (e.g., via integrations with Palo Alto Networks Next-Generation Firewall (NGFW))
  • How to automatically enrich these incidents with relevant threat intelligence data (e.g., from Palo Alto Networks WildFire, AutoFocus, and NGFW)
  • How to automatically collect information around the presence of Indicators of Compromise (IoCs) from potentially affected endpoints to understand the extent of the problem
  • How to automatically resolve security incidents via workflows and orchestration with ServiceNow Security Operations

The session will include an interactive Q&A session.

Speaker Bios

Piero DePaoli

Piero DePaoli leads product marketing for ServiceNow's Security Business Unit which includes its Security Operations and Governance, Risk, and Compliance solutions. Piero has more than twenty years of experience building and marketing mobility, security and cloud solutions for enterprises. Prior to joining ServiceNow, Piero led product marketing for Symantec's enterprise security products and previously held product management and product marketing with iPass, CompuServe Network Services, UUNET and MCI WorldCom. Piero holds an MBA with an emphasis in Information Systems and Marketing and a BA in Political Science and Economics from the University of California, Davis.


Alex Cox

Alex Cox has been in the software industry for over 17 years. In that time he's worn a good number of IT hats (often at the same time), including: Systems Administrator, Network Engineer, Software Developer, Lead Systems Engineer, SANS Security Instructor and his current position: Principal Security Architect at ServiceNow. Alex's unique combination of experience from both software development and security software deployment arenas give him a wide breadth of perspective; he's secured software systems from the inside and out. He also loves talking about technology; especially security. Whether it's how to best protect your data or how the latest attack could have been prevented. Mentoring for SANS and working for ServiceNow gives him even more opportunities to do this.


John Strand

John Strand is a senior instructor with the SANS Institute. He teaches SEC504: Hacker Techniques, Exploits, and Incident Handling; SEC560: Network Penetration Testing and Ethical Hacking; SEC580: Metasploit Kung Fu for Enterprise Pen Testing; and SEC464: Hacker Guard: Security Baseline Training for IT Administrators and Operations with Continuing Education. John is the course author for SEC464: Hacker Guard: Security Baseline Training for IT Administrators and Operations with Continuing Education and the co-author for SEC580: Metasploit Kung Fu for Enterprise Pen Testing.

When not teaching for SANS, John co-hosts PaulDotCom Security Weekly, the world's largest computer security podcast. He is also the owner of Black Hills Information Security, specializing in penetration testing and security architecture services. He has presented for the FBI, NASA, the NSA, and at DefCon. In his spare time he writes loud rock music and makes various futile attempts at fly-fishing.

Very informative! Mr. John Strand's experience shared through narrative brings course material to life. - Christopher Wilson, USAF

Follow John on Twitter @strandjs

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.