$400 Amazon Gift Card with OnDemand Training through March 10 - Learn More!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

How SOC Superheroes Win

  • Wednesday, June 05, 2019 at 1:00 PM EDT (2019-06-05 17:00:00 UTC)
  • Salvatore Sinno, Ismael Cervantes


  • Unisys
  • LogRhythm

You can now attend the webcast using your mobile device!



Today's reality is that a security breach is not a matter of IF, but a matter of WHEN. According to research from Ponemon Institute, the mean time to detect (MTTD) a breach is 197 days, and the mean time to respond (MTTR) is 69 days. When a threat is detected, organizations have a difficult time responding quickly. The security operations center (SOC) contacts the network team, or the endpoint team, or both to figure out where the anomalous endpoint or user is, and then they determine how to contain it - an inefficient process that can consume days or weeks before remediation.

Rapidly responding to threats require leveraging state of the art innovation that combines advanced security analytics, machine intelligence, Dynamic Isolation, and automation. In this webcast, you will gain insights on how smart CISOs are making incidents non-newsworthy by controlling and neutralizing security events. Learn how to

  • Bring multiple essential capabilities together to quickly identify threats and neutralize them before they cause harm not in days or weeks but minutes.
  • Employ advanced security analytics and machine intelligence to continuously monitor endpoints, networks and user behaviors for cohesive end-to-end threat visibility.
  • Deploy Dynamic Isolation to restrict or block malicious users and devices from communicating over the network.
  • See a live demo that will entail a real-life scenario of insider attack with simulated attack, detection, and response in Seconds not hours, days or months.

Speaker Bios

Salvatore Sinno

Salvatore has held Chief security architect roles in the security industry, in the private sector and UK public sector. He has a rich history of providing robust and stable enterprise security architectures around the world. Salvatore is a recognized expert in advanced security technology including micro-segmentation, allowing him to create solutions that lower costs and risks together while leveraging advanced infrastructures of clouds and mobile. 

A regular speaker at security events and author of articles and whitepaper, Salvatore is a highly regarded industry expert in all aspects of cybersecurity, and an early evangelist of zero trust security architecture model. As a global thought leader, Salvatore has created solutions defending many of the world's enterprises by leading both the advanced technical teams necessary to stop threats and the strategic board/executive advisory services necessary to prevent them. Salvatore holds the designations of Certified Cyber Forensics Professional (CCFP), ISACA Certified Information Security Manager (CISM), CESG Certified Lead Security Architect and is a Certified Information System Security Professional (CISSP).

Salvatore lives in the United Kingdom, where he received his Master of Science degree in information technology as well as an MBA.

Ismael Cervantes

Ismael Cervantes is a Sales Engineer for Global Systems Integrators of LogRhythm. He led the creation and delivery of LogRhythm’s “SOC Enablement” Professional services offering to optimize the detection and response times of cybersecurity incidents and advance the maturity level of a SOC. Ismael has held senior/lead roles in architecture, training, and SOC operations across SMB and Fortune 100 companies. A recognized expert in multi-tenant service delivery and enterprise remote management, Ismael currently holds a GIAC Information Security Professional (GISP) among other product and industry certifications.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.