Join us for the FREE DFIR Summit | Live Online on July 16-17


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

The Myths and Best Practices Surrounding SOC Automation: Use Cases and Success Stories

  • Thursday, May 03, 2018 at 10:30 AM EDT (2018-05-03 14:30:00 UTC)
  • John Pescatore, John Moran


  • DFLabs

You can now attend the webcast using your mobile device!



The recent paper from SANS Institute about SOC Automation, highlighted the importance of a well-grounded SOC strategy and how automation can be used as a force multiplier if implemented correctly. When it comes to Automation, understanding the clear difference between hype and real value is mandatory. This webinar will illustrate where Automation can provide value and how to make this happen, covering some use cases and hints for choosing and implementing a successful Security Orchestration, Automation and Response platform, to improve the efficiency and effectiveness of your SOC.

Speaker Bios

John Pescatore

John Pescatore joined SANS as director of emerging security trends in January 2013 after more than 13 years as lead security analyst for Gartner, running consulting groups at Trusted Information Systems and Entrust, 11 years with GTE, and service with both the National Security Agency, where he designed secure voice systems, and the U.S. Secret Service, where he developed secure communications and surveillance systems and "the occasional ballistic armor installation." John has testified before Congress about cybersecurity, was named one of the 15 most-influential people in security in 2008 and is an NSA-certified cryptologic engineer.

John Moran

John Moran is a Product Management, Security Operations and Incident Response expert and currently holds the position of Senior Product Manager at DFLabs where he is responsible for shaping the product roadmap, strategic planning, technology partnerships and customer success.  He has served as a Senior Incident Response Analyst for NTT Security, Computer Forensic Analyst for the Maine State Police Computer Crimes Unit and Task Force Officer for the US Department of Homeland Security's Human Trafficking Task Force. John currently holds a Bachelor's Degree in Computer Forensics and a Master's Degree in Information Assurance as well as PMC-III, GCFA, CFCE, EnCE, CEH, and CHFI certifications

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.