

This webcast has been archived.

Security and Ops Hacks

  • Wednesday, December 06, 2017 at 1:00 PM EST (2017-12-06 18:00:00 UTC)
  • Sonny Sarai
  • Rapid7 Inc.




Today's networks are very noisy. There's too much data spilling in from IT operations and network management systems, endpoints, applications, access control, vulnerability management and security systems (IDS/IPS/SIEMs, endpoint protections, etc.). Often, this data is all related, but because IT operations and security teams work in their own silos, they cannot see the connections.

For IT ops, the mission is "keeping the lights on" to avoid network and system outages. This is also the mission for Sec Ops, but security teams also need to investigate threats that do get past defenses. Sec Ops also needs to shore up vulnerabilities and continuously monitor for new ones while constantly improving their risk posture. To accomplish their missions, IT and Sec Ops often utilize the same data.

In this webcast, learn how to foster cooperation between both departments for better visibility into threats and threat pathways, while improving overall protection and network hygiene. For example:

  • Start by identifying what data each department uses to complete its mission.
  • Consider how each department may be utilizing the same data but interpreting it differently and for different reasons (and why those reasons matter).
  • Map how security and operational data can be utilized by both groups.
  • Find allies and identify ways to foster cooperation and teamwork among groups.
  • Share technologies and implement a common interface and workload management system that operations as well as security teams can interpret and follow.
  • Leverage automation strategies to connect disparate security tools to create a single pane of glass for security and operations teams.

Register for this webcast and get early access to the associated whitepaper developed by Sonny Sarai.


Speaker Bio

Sonny Sarai

Sonny Sarai, SANS GIAC Advisor, has more than 10 years' IT experience, seven of them in an information security capacity. He now works as a senior information security analyst, responsible for data governance, compliance, penetration testing, digital forensics and incident response. Sonny holds a degree in forensic investigation, specializing in computer crime. He holds a CISSP and industry-leading certifications from SANS in advanced digital forensics (GCFA), network intrusion detection (GCIA) and security essentials (GSEC). Sonny has an extensive lab dedicated to research, development and analysis, where he continually hones his skills and enhances his capabilities.
