Name: Automating Cyber Rapid Response & Threat Hunting with Autonomous Threat Sweeper
Start: 2021-06-23T16:00:00Z
End: 2021-06-23T16:00:51.000Z
Location: BrightTALK
Rating: 4.7

Securonix Next-Gen SIEM delivers threat detection and response powered by flexible, cloud-native advanced analytics. 

Follow this channel to learn from our security experts. They will discuss threat trends, detection techniques, and SecOps topics such as cloud security, insider threat, SIEM, UEBA, and SOAR.

With insider threats persisting, our webinar looks at how threat models bring real-life cases and incidents to life. Our experts offer an overview of five distinct insider threat profiles and show how their behaviors and activities can be signals for threats. They also demonstrate how the SIEM can enhance the abilities of insider risk teams and security operations center analysts and help broaden their risk mitigation capabilities through contextual analytics that supports and informs enlightened action. We will discuss the primary threat profiles that are impacting organizations globally. These will include impact areas such as:
     - Theft
     - Sabotage
     - Fraud
     - Unintentional threats
     - Personnel security
Expect to hear more about the contrast between these categorized threat profiles to assist your insider threat detection capabilities to quickly identify the different insider risk profiles:
     - Entitled Independent
     - Ambitious Leader
     - Misaligned Saboteur
     - Frontline Fraudster
     - Accidental Insider Risk

Top 5 Insider Threat Profiles a Next-Gen SIEM Can Detect

The threat landscape will continue to change creating new challenges for organizations. 
How will threats that are relevant today evolve in 2023? Will technology innovations and regulatory frameworks require organizations to change the way they operate? With cybersecurity spending as a percentage of IT spending growing to 11.8% in 2022, these questions are top of mind for cybersecurity leaders and their teams.
 
Join Augusto Barros and a panel of security experts for their insights on how you can prepare for the
● Shifting cybersecurity landscape
● Emerging global and economic trends
● Rise of cloud provider-level attacks
● Convergence of IoT/OT and IT security 
● Business ecosystem threats

Navigating Cybersecurity Threats, Challenges and Innovation in 2023

A Data-driven Strategy for Cybersecurity
In this webinar, Booz Allen Hamilton and Securonix will provide insights and evidence from a groundbreaking global cybersecurity benchmark for which both served as sponsors. The benchmark, conducted in partnership with ThoughtLab, collected responses from cybersecurity executives at 1,200 companies in 14 industry sectors and in 16 countries, representing collective annual spend of $125.2B on cybersecurity. Topics covered included: NIST maturity, spending and staffing, breach incidence, security operations metrics (MTTD/MTTR, etc.), and qualitative findings. We will cover a cybersecurity worldview; impacts of digital on security; criticality of data-led security SIEM, UEBA and threat intelligence; and insights regarding the topics above including recommendations for action.

A data-driven strategy for cybersecurity

Perimeterless hybrid environments reliant on cloud infrastructure are a boon for threats. Sophisticated threat actors and insider threats are taking advantage of security gaps presented by this expanded attack surface.
 
Attend this webinar to learn the trends, required data, and detection summaries for key threats. You’ll hear about threats observed in real-life scenarios and how to improve your security posture and stop attacks early in the ransomware kill chain.  

Stay in front of emerging and unknown threats by ensuring you know about best practices in cloud infrastructure, preemptive ransomware and securing IoT and OT.

Speakers:  
Augusto Barros, VP, Cyber Security Evangelist, Securonix
Sina Chehreghani, Manager Incident Response, Securonix Threat Labs
Kayzad Vanskuiwalla, Director Threat Hunting & Intelligence, Securonix Threat Labs

The State of CyberSecurity 2022

A recent Securonix survey reports organizations spend an average of 47 days responding to an incident. The bulk of that 47 days is consumed seeking out the proper context to align the event to indicators of compromise and sharing those insights across the team. This time-consuming effort is required to understand the true nature of the incident so you can take proper action. What if there was a better way? 

See how Securonix is taking a new perspective on bringing the right context to investigations and streamlining knowledge sharing to speed incident resolution featuring Brian Robertson, Senior Product Marketing Manager, and Solay Adaikkalavan, Director of Product Management. In this session, you will learn: 

●     How current practices contribute to delaying investigations and incident mitigation.  
●     How on-demand context helps improve the investigation process.  
●     How to share knowledge across the team without pivoting between multiple tools.   
●     How knowledge gained during investigations can be retained and leveraged against future incidents.  

Brian Robertson brings over 20 years of experience in helping organizations apply technology to real-world problems directly impacting the business from an applications performance, networking, and security perspective. 

Solay Adaikkalavan leads the Securonix Threat Labs product team and is focused on developing and implementing new technology into the Securonix solution to stay ahead of modern aggressive threats.

Send Investigations into Hyperdrive with On-Demand Context and Collaboration

The cyber threat landscape continues to evolve at a breakneck pace, with more and more cyber-attacks leveraging living-off-the-land, fileless, and other evasive attack methods, and criminals increasingly harnessing Cybercrime-as-a-Service offerings to deploy and adapt attack infrastructure rapidly.

With the resulting deterioration in the quality and strength of digital signals used to identify cyber threat activity and the increase in volume and velocity of cyber-attacks, defenders are challenged more than ever to detect and respond to these “low-and-slow” intrusions.

In this talk, you will learn how these trends impact current threat detection technologies and what organizations

can do to counter and mitigate them.

Join Oliver Rochford, Applied Research Director & Security Evangelist, to learn more about the top trends, how they impact current threat detection technologies and how to counter and mitigate them.

During this session, Oliver Rochford, Applied Research Director at Securonix will discuss:

· Top threat trends, including:

o Initial Access Brokers

o Insider Collusion

o Evasive Attack Techniques

· How they impact current threat detection technologies

· What can organizations do to counter and mitigate them

· Answers to your questions during live Q&A

·

Oliver has worked in cybersecurity for over 20 years, including as a penetration tester, consultant, researcher, and writer for Securityweek, CSO Online, and Dark Reading. As a Gartner industry analyst, he co-named the SOAR market and worked on the SIEM Magic Quadrant.

Three Emerging Threat Trends and Best Practices to Mitigate Them

According to Statista, a global market and consumer data provider, between 2021 and 2023, the percentage of organizations adopting a multi-cloud strategy will grow for midsize companies from 76% to 84%, and for large enterprises from 90% to 94%.

Cloud providers offer many security monitoring and threat detection options, but what if you subscribe to more than one? Adopting security monitoring tools from each provider can increase complexity and bring significant overhead to security operations teams. 

For years, security information and Event Management (SIEM) solutions have been collecting and consolidating data from multiple sources for centralized threat detection. Still, multi-cloud brings a new scenario with different data sources, higher volumes, and unknown threats. How does SIEM have to evolve to adapt to this new reality?

Join Augusto Barros, VP of Solutions and Cybersecurity evangelist, and Brian Robertson, Senior Product Marketing Manager at Securonix, to learn about:

· Why is it hard to perform security monitoring in a multi-cloud scenario?
· What are the limitations of traditional SIEMs to support multi-cloud needs?
· What do you need to look for in a new approach and architecture that enables the SIEM to be the right solution to detect threats in a multi-cloud world?
 
Speakers:
Augusto Barros was most recently the Research VP in the Gartner for Technical Professionals (GTP) Security and Risk Management group. He has over 20 years of experience in the IT security industry as an analyst and a security architect and officer for large enterprises.

Brian Robertson has over 20 years of experience helping organizations solve critical application delivery, network, cloud, and security challenges working with industry leaders who not only are looking at the challenges of today but are looking at the horizon for the challenges of tomorrow.

SIEM: Threat Detection and Response for your Multi-cloud World

According to Forrester, 25% of breaches resulted from internal incidents, and almost half of those were categorized as malicious. Due to current events, insider threats have evolved, and organizations have more to consider than data leaving the organizations and privileged users. 
Employee stressors, disengagement, and potential attrition pose a serious risk and are challenging for organizations to detect and mitigate.
But even considering the risks, an average of only 31% of internal users are currently covered by behavior analytics monitoring solutions, according to the most recent ThoughtLab "Cybersecurity Solutions for a Riskier World" survey.

This session will show how Behavior Analytics can be incorporated into an Insider Threat program to reduce the number of alerts and make investigations faster and easier. From simple enrichment of DLP-generated alerts to a new set of use cases to identify risky insider behavior, advanced analytics can expand the efficiency of insider threat programs and boost risk mitigation strategies.

Learn how behavior analytics solutions can:
- Provide context to alerts generated by DLP solutions
- Identify anomalies related to insider threat activity
- Accelerate and simplify investigations

Help! My Insider Threat Program Is Drowning In Alerts!

The financial and reputational costs of a data breach can have profound and lasting effects. So, it’s imperative that businesses continually assess the security of their networks and data assets. Join us for this discussion as we explore:

- The value of threat hunting in a modern detection program
- The role machine learning and data science play in threat detection and response automation
- The newest cyber threats, vulnerabilities and breach detection and response insights that will help you to ensure your critical data and assets are protected

Moderated by:
Melinda Marks, Senior Analyst, ESG

Featuring: 
Oliver Rochford, Applied Research Director, Securonix

Building Your Threat Detection and Response Strategy

With an average of 33 new threats every month that merit closer scrutiny, the time that security teams are spending on incident response is increasing and is now at 40 to 80 hours in a typical enterprise.
 
New threats come in thick and fast almost daily, so security teams must monitor and curate vast amounts of threat intelligence to determine the impact on their organization. And once a threat has been prioritized, the real work is only just beginning.
 
Join Oliver Rochford, Senior Director, Security Evangelist, and Sina Chehreghani, Manager of Threat Hunting and Incident Response, to hear about our Autonomous Threat Sweeper. Find out why more and more CISO’s are trusting Securonix to scale up and automate their Cyber Rapid Response.
 
Securonix Autonomous Threat Sweeper (ATS) takes the effort out of continuous Cyber Rapid Response and accelerates your ability to determine your exposure to current and emerging cyber incidents. Learn how ATS:

· Keeps you ahead of emerging and developing threats with curated threat intelligence
· Lets you know your exposure when a threat becomes critical through post-hoc detection
· Accelerates incident investigations and reduces your Mean time to Response with automated alerts
· Saves Analyst time, allowing you to focus on what matters
 
Oliver has worked in cybersecurity for over 20 years, including as a penetration tester, consultant, researcher, and writer for Securityweek, CSO Online, and Dark Reading. As a Gartner industry analyst, he co-named the SOAR market and worked on the SIEM Magic Quadrant.
 
For nearly a decade, Sina has been an information security professional responsible for leading incident handling and forensic investigations efforts across public and private sectors. Now managing Threat Hunting & Incident Response at Securonix, he is helping shape IR and advanced threat detection playbooks for Securonix Threat Labs.

Automate Cyber Rapid Response With Autonomous Threat Sweeper

Rapid response is essential to mitigate cybersecurity threats. However, using standalone SIEM and SOAR solutions from different vendors adds unnecessary complexity. In a SOC, where every second counts, a simple, unified UI allows security analysts to speed up detection and response and mitigate threats.

Join Augusto Barros, VP Cybersecurity Evangelist, and Rahul Bakshi, Senior VP of Product Management, for a live discussion on how Securonix's SOAR solution brings security operations into a single pane of glass for end-to-end incident life cycle management. In this session, you will learn: 

- Trends in the SIEM and SOAR markets from the experts
- How to apply automation effectively to drive SOC efficiency
- How to simplify security operations and drive down MTTR
- How to avoid common traps on SOAR implementation

Augusto Barros was most recently the Research VP in the Gartner for Technical Professionals (GTP) Security and Risk Management group. He has over 20 years of experience in the IT security industry as an analyst and a security architect and officer for large enterprises.

Rahul Bakshi is responsible for driving and managing product strategy. Before Securonix, he has twenty years of experience leading high-performing teams across Product, Marketing, and Sales in the SaaS and Security industries.

Built-in, Not Bolted On: Efficiency Gain With Securonix SOAR

As organizations continue on the cloud journey, they are generating more and more data. The security and privacy of this data is a crucial concern. Another critical factor in cloud deployment is the compute and retention cost associated with the processing and storage.

As organizations evaluate security in the cloud, they are looking for solutions that can be architected to optimize data-related costs while still providing best-in-class security capabilities.

Securonix is collaborating with Amazon Web Services to provide customers a deployment model that enables them to maintain complete ownership of data in their AWS account while still providing a fully managed SaaS SIEM solution.

Join Vidit Arora, Director of Global Technology Enablement at Securonix, and Vinay Sukumar, Principal Category Leader, Security Intelligence at AWS Marketplace to learn more about the Securonix Bring Your Own AWS Model deployment, including:

·       Deployment architecture of the Bring Your Own AWS Model.
·       Key cost and security benefits to customers.
·       Considerations when adopting this deployment model.

Bring Your Own AWS: SaaS Security Analytics on Data Lakes

Sophisticated supply chain attacks like Sunburst can unfold over weeks, months, or even years before they are discovered and disclosed. With attackers already ahead before the race has even started, enterprises must respond rapidly to catch up and must quickly be able to gain insight into:
 
-      Are we compromised?
-      What is the impact?
-      Do we need to notify partners, regulators? 
 
Rapidly responding means that defenders need tools and capabilities to perform detection retrospectively, at speed and scale – and they must be able to do this across data from various devices and applications, often residing in diverse data silos, including SIEM’s and Data lakes.
 
Threat hunters also typically have limited bandwidth and must rely on often cumbersome and manual tools and processes, slowing down response and restricting how much time they can spend analyzing any given threat.
 
Join Oliver Rochford, Senior Director, Security Evangelist, and Aditya Sundararam, Senior Director, Global Threat Detection Engineering and Threat Hunting, to hear about our recently launched Autonomous Threat Sweeper. Learn how we have automated threat hunting and rapid cyber response, and how you can benefit from:
 
·      Automated cyber rapid response
·      Proactive and autonomous early detection of new and emerging threats.
·      Retroactive threat hunting across large volumes of logs and extended historical time frames.
·      Providing air-cover for security operations, for example, overnights and weekends, against the most critical newly disclosed threats.

Automating Cyber Rapid Response & Threat Hunting with Autonomous Threat Sweeper

Threat Analysis

Automated Response

Threat Hunting

Incident Response

Threat Detection

Behavioural Analytics

Cloud Security

SIEM

Insider Threat

Security as a Service

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Health IT

Healthcare

Get powerful finance insights for your business. Connect with experts and colleagues to get the most up-to-date knowledge that will help you to determine which financial factors build or erode value in your organization.

Finance

Join this new, vibrant community to learn and connect with top thought leaders, startups and banks who are disrupting the financial services industry. Keep up with the latest news and trends in Fintech and take part in lively debates on topical issues and challenges.

Fintech

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Automating Cyber Rapid Response & Threat Hunting with Autonomous Threat Sweeper

Presented by

About this talk

More from this channel