Name: From chaos to control: streamlining detection engineering in Security Operation Centers
Start: 2025-06-18T05:00:00Z
End: 2025-06-18T05:00:59.000Z
Location: BrightTALK
Rating: 0

In today’s relentless cybersecurity landscape, threats can still slip through undetected and compromise organizations, despite multiple security controls. In this webinar, Victor Sergeev and Amged Wageh, from Kaspersky, deep dive into real-world cases where compromise assessment became the last line of defense, and successfully identified incidents that were unnoticed.

What you will gain from this webinar:
• Discover how hidden vulnerabilities allow attackers to bypass security systems, despite robust measures.
• Understand the risks of internal policy violations, patch management gaps, and subcontractor misconfigurations.
• Gain actionable insights into revealing undetected threats in your own organization.
• Explore the best practices for implementing a comprehensive assessment strategy to improve incident response and threat hunting efforts.

This session is designed to provide deep technical insights and practical solutions for those tasked with securing their organization’s IT infrastructure, from both internal and external threats – CISOs, CTOs, CIOs, SOC managers and analysts, incident responders, IT managers – to many other related specialists. Don't miss this opportunity to learn from real-life examples and working practices to fine-tune your approach to cybersecurity.

Missed cyberthreats: real-world cases where compromise assessment uncovered what was overlooked

As the frequency of cyberattacks continues to rise, the ability to swiftly and effectively reverse-engineer malware is paramount. To equip you with the skills needed, we are re excited to invite you to our webinar that delves into the depths of Ghidra – an indispensable tool for InfoSec professionals widely used for malware analysis.

The experts will showcase Ghidra's capabilities through the analysis of the Calypso malware. Throughout the session, our Kaspersky Global Research & Analysis Team (GReAT) experts, Igor Kuznetsov and Georgy Kucherin, will share practical tips and tricks, emphasizing effective analysis of functions utilizing structures and function pointers.

Here’s what our experts will cover during the webinar:
Introduction to Ghidra and its significance in reverse engineering.
Live demonstration: Analyzing the Calypso malware with Ghidra.
Tips and tricks for efficient reverse engineering.
Overview of our newly released online training course “Advanced malware reverse engineering with Ghidra”.
Advanced topics: API function hashing, decompiler scripting, and extending Ghidra's capabilities.
Don't miss out on this opportunity to elevate your reverse engineering skills and gain insights from our experts.

Take Your Reverse Engineering to Another Level with Ghidra

Global Endpoint Detection and Response adoption is on the rise, making it a de-facto standard for many organizations. Everybody has heard about it, but sometimes it’s hard to determine what you need for a particular task: EPP or EDR.

Join Nikita Zaychikov, Senior Product Marketing Manager at Kaspersky, to explore what EDR is really about, how it is different from EPP and when it’s best to use it. 
• EDR and EPP: what is the difference
• Why we need or don’t need EDR: exploring options for different organizations
• EDR myths
• EDR adoption in the world
• Types of EDR

EPP vs EDR: difference, use cases, adoption

Join this webinar to gain practical insights into the challenges faced by your industry peers involved in security operations and related activities.

We will explore common issues and effective strategies pertaining to cybersecurity incident detection and response and answer any questions that may arise. Our discussion will also cover aspects of threat intelligence, including the benefits it can offer organizations and obstacles that can arise while implementing these practices in your team.

Critical topics such as SOC team composition, hybrid SOC structures, Threat Intelligence (TI) and Threat Hunting (TH) operations will also be included, and we will discuss the challenges of hybrid SOC related to relationships with MSSP, particularly when customizing daily operations and processes to collaborate with external service providers.

SOC Consulting: Insights and live-on cases

Modern cars are no longer just a means of transportation. Their built-in services can manage everything for drivers and passengers alike from seat heating, to using voice-controlled GPS to find a coffee, or make theater ticket reservations. Along with the development of consumer services, driver safety services have also been developed – distance sensors to neighboring cars, speed limit recognition and the eCall safety system, to name a few.

These hi-tech solutions designed to improve the user experience and make your journey safer, are architecturally based on algorithms and technologies that in themselves carry threats to information security. The wider the user experience, the wider the attack surface for an attacker. 

In this webcast, Cyberthreats to modern automotive industry, Sergey Anufrienko and Alexander Kozlov, security researchers at Kaspersky ICS CERT will discuss:

• Threat landscape: how has changed and evolved over the last 10 years
• Top threats the automotive industry is exposed to
• Standards of automotive security
• Trends in automotive security

Cyberthreats to modern automotive industry

Join us for a webinar where Kaspersky Digital Footprint Intelligence expert Anna Pavlovskaya will explore the motivations and drivers of cybercriminals, providing a unique perspective on the threats coming from dark web to companies of all sizes.

What you’ll discover:
• How Kaspersky monitors the dark web for data leaks, access sales, password dumps, and other threats targeting companies.
• Stepping away from the usual statistics and attack reports, we’ll examine off-topic discussions on dark web forums, such as whether to pay for a girl on a first date, or is there any perspective on a “white” job.
• Learn how to build cybercriminals’ profiles to enhance defensive strategies.

This webinar provides an unusual look into the human side of cybercriminals, helping you better understand and defend against the threats they pose. It will be beneficial for OSINT specialists, cybersecurity and darknet researchers, and corporate security specialists.

Inside the Dark Web exploring the human side of cybercriminals

In the ever-evolving threat landscape of cybersecurity, true expertise is the key of robust protection. In 2023 alone, Kaspersky products thwarted over 437 million cyber attacks, while detected 411,000 new malicious files daily. What powers these formidable defenses?

Join Oleg Gorobets, Security Evangelist at Kaspersky, and Alexander Liskin, Head of Kaspersky's Threat Research, as they unveil the inner workings of Kaspersky’s five Centres of Expertise (Threat Research, Global Research and Analysis Team, AI Research, Security Services and ICS CERT). Discover their pivotal roles in safeguarding businesses and individuals, and explore real-world case studies demonstrating the impact of Kaspersky's expertise in defending against most complex cyber threats.

Whether you're a cybersecurity professional, a decision-maker, or simply interested in the dynamics of cyber defense, this webinar will provide valuable insights and practical knowledge.

The Cybersecurity Buyer's Dilemma Hype vs (True) Expertise

Modern cars employ a wide array of communication interfaces. Some, like Bluetooth and Wi-Fi, directly engage users, while others, such as RDS and GPS, provide user-facing services, and still others, like CAN and Ethernet buses, ensure the proper functioning of the car's internal systems. These interfaces contribute to the extensive flow of data within the car, forming its data flow graph. Within this graph, they serve as the "entry points" for malicious attackers seeking access to the vehicle. However, tampering with them does not necessarily lead to the loss of the car's security features.

In this webcast, cybersecurity experts, Alexander Kozlov and Sergey Anufrienko from Kaspersky's ICS CERT, will delve into the automotive security. Together, we will examine:

- We'll explore which interfaces attackers tend to favor when targeting cars and the reasons behind their choices.
- We'll focus on the techniques attackers employ when conducting attacks through specific interfaces, with an emphasis on classical techniques.
- We'll discuss how to defend against these threats and evaluate the feasibility of reducing associated risks.

Join us for this webinar, where we'll equip you with the knowledge and tools to not only comprehend the ever-evolving landscape of automotive security but also to safeguard your modern vehicle effectively.

Overview of modern car compromise techniques and methods of protection

In today's digital landscape, phishing and social engineering attacks have become increasingly sophisticated, posing significant threats to organizations worldwide. According to Kaspersky's 2023 report, spam accounted for an alarming 45.60% of global email traffic. Furthermore, a staggering 77% of companies have fallen victim to cyber incidents in the past two years, with 21% of these incidents attributed to employees succumbing to phishing attacks.

Beyond the mere inconvenience of sorting through spam, these attacks can lead to severe consequences. From compromising confidential data to incurring substantial financial and reputational damages, the implications are vast. Additionally, recipients risk losing personal funds to scam messages, underscoring the urgency for robust email security measures.

Join us for this enlightening webinar where Kaspersky's experts, Anna Lazaricheva and Alexander Rumyantsev, will delve into the most prevalent and current email threats observed over the past year.

• Understand the diverse forms of spam and email threats plaguing organizations today.
• Explore real-world examples and case studies highlighting the impact of phishing and social engineering attacks.
• Discover the advanced features of Kaspersky Security for Mail Servers (KS for Mail Server), designed to combat sophisticated email threats effectively.

Email security: Top threats and how to counter them

Hardly a day goes by without yet another organisation falling prey to a cyberattack or data breach that has led to reputational and financial losses. The security landscape will get even more tumultuous, with APAC organisations expected to continue facing tough security challenges arising from the shortage of talent, new cloud vulnerabilities and the proliferation of surreptitious malware. Against this backdrop, security operations have become more challenging, driving organisations to consider new approaches that improve the timeliness and accuracy of threat detection while automating response actions. 

Hear from the panel experts in Cybersecurity Frontiers: Crafting Future-Ready Defenses in a Connected World as the panellist shares how you can build a resilient culture and prepare for future challenges.

Cybersecurity Frontiers: Crafting Future-Ready Defenses in a Connected World

Join this webinar to get actionable information that will help you plan and develop your own security operations strategy and will guide you towards practically proven solutions. During the webinar, Roman Nazarov, Head of SOC Consulting at Kaspersky, will provide a comprehensive review of our consulting services – SOC Maturity assessment and SOC Framework development – and share informative insights based on successfully completed projects, including:

• The most common SOC services and their dependence on customers’ business areas
• Typical internal SOC processes and organizational structure and what influences them
• Common issues in security operations and how they’re mitigated

Kaspersky Security Operations Center provides consulting services for customers who aren’t ready to outsource their operations to a Managed Detection and Response team but want to develop internal security operations practices.

SOC consulting projects: common methodology and insights

As cyber threats continue to evolve, mastering the art of digital forensics investigation is an essential for investigating security incidents and safeguarding critical systems. This webinar will focus on Windows digital forensics, offering an overview of the tools and techniques used to uncover digital evidence on Windows systems.

During the session, we will explore the key aspects of Windows forensics, including the major stages of the forensics process, beside a technical session on analysing Windows artifacts to reveal traces of cyber attack.

Additionally, we will provide an overview of our newly released online training course on Windows Digital Forensics. This course covers topics such as methods of obtaining diverse digital evidence, in-depth analysis of browsers and email histories, and the use of timestamps to restore incident scenarios, making it a valuable resource for cybersecurity professionals aiming to enhance their forensic analysis skills.

On the path to reveal the mystery with Digital Forensics

Join us at Reasons to use Suricata for incident response and threat hunting as we delve into the world of Suricata, a powerful open-source network intrusion detection system (NIDS). In this webinar, we will explore the reasons why Suricata has become a go-to solution for incident response and threat hunting, and how it can effectively bolster your cybersecurity defenses.

Our expert, Tatyana Shishkova, Lead security researcher of Kaspersky Global Research and Analysis Team (GReAT), will provide a comprehensive introduction to Suricata’s capabilities. Gain insights from practical examples and understand how Suricata can be leveraged to proactively detect and neutralize potential cyber threats.

• get to know which threats can be detected using Suricata, and why it is crucial to write effective Suricata rules
• learn more about cases using Suricata for incident response and threat hunting
• discover new life hacks on Suricata

Reasons to use Suricata for incident response and threat hunting

Join this webinar, Elevating Cyber Resilience: Unveiling the Power of XDR as Ilya Markelov, Head of Unified Platform Product discusses XDR implementation strategies and future prospects. The presentation educates and encourages organizations to adopt XDR to strengthen their cybersecurity defenses in an increasingly complex threat landscape.

Elevating Cyber Resilience: Unveiling the Power of XDR

In large companies, the sheer volume of information resources makes their attack surface significantly larger, compared to smaller businesses. Numerous factors contribute to this exposure, including networks spread across various locations that are consolidated into a single infrastructure, mergers and acquisitions with companies possessing lower security levels, outdated hardware and software, and more.

The level of preparedness for a potential incident directly impacts the effectiveness of the response and allows you to mitigate the attack’s impact. In this webinar, you will learn how to enhance incident responses for large-scale networks. Konstantin Sapronov, Head of Global Emergency Response Team at Kaspersky, will provide you with the following practical insights on:

• Optimizing incident response processes beyond mere scaling up by increasing personnel and systems involved
• Understanding incident response from a management perspective and why it should be an ongoing, cyclical process
• Exploring key principles for a successful response, emphasizing the significance of not only technical skills but also quality processes and soft skills
• Unveiling the limitations of backups in mitigating the consequences of an incident and discovering effective strategies to address them

Securing The Fort: How to master cyber incident response in a large company

In 2024, Kaspersky Managed Detection and Response (MDR) continuously collected telemetry events, which were processed and compiled into anonymized customer cases. These valuable data points were transformed into crucial insights, offering a comprehensive view of the evolving threat landscape and the latest trends in cyber threats.  

Join our webinar to gain essential knowledge on:  

Who Are Your Potential Attackers?
Understand the profiles of cyber adversaries targeting your organization. Identifying them is the first step toward strengthening your defenses.  

What Methods Are They Using Today?
Explore the most common tactics, techniques, and tools cybercriminals employ to stay ahead of their strategies and mitigate risks effectively.  

How Can You Detect Their Activities?
Learn actionable detection techniques to enhance your organization’s security and safeguard against emerging threats.  

Don't miss this opportunity to equip yourself with the latest findings from Kaspersky’s in-depth report, designed to bolster your defense against evolving and sophisticated cyber threats.  

Everyone who attends the webinar on July 2 will receive a complete MDR Analyst report via email, containing all key findings—no additional registration required.

Silent shields & digital dragons: MDR’s proactive protection

Despite all the technological advancements, human factor remains one of the most significant vulnerabilities – as the evolution of the threat landscape is less about sophisticated code and more about ingenious scenarios. The problem is even more acute as there is a significant shortage of qualified cybersecurity specialists in the market. Our latest insightful webinar explores the critical role of human factors in cybersecurity and share strategies to mitigate these risks effectively.

Join Kaspersky expert Oleg Gorobets, as he shares valuable insights and practical advice on enhancing your organization’s defenses and will delve into the following topics:

● Human vulnerabilities: the most common non-IT and IT/InfoSec professionals’ errors and intentional information security policy violations that led to security breaches and how they can be exploited by cybercriminals;
● The impact of InfoSec professionals’ shortage on an organization’s cybersecurity;
● Monotonous work and burnout of InfoSec professionals as the obstacles to reliable company's cyber protection;
● Breakdown of common cyber incidents that occurred over the last two years due to human factors in companies around the world;
● Finding a fitting solution: attention turns to tech and automation.

Don’t miss this opportunity to enhance your cybersecurity knowledge and learn how to effectively mitigate human risks!

Cybersecurity's human factor – more than an unpatched vulnerability

Join us for an in-depth webinar that redefines how organizations approach threat detection in cybersecurity. Although detection remains the cornerstone of Security Operations Centers (SOCs), the absence of a formalized cybersecurity program often results in inefficiencies and missed opportunities for optimization.

This webinar will guide you through:
• Developing a structured detection engineering program to enhance efficiency (e.g., engineering lifecycle, best practices, the importance of data modeling, and more)
• Building an optimal team structure to manage and operationalize detections effectively.
• Identifying and leveraging key metrics to measure program success and ensure continuous improvement.

Led by Sarim Rafiq Uddin, a security services expert from Kaspersky SOC consulting, this session is ideal for cybersecurity professionals and SOC leaders seeking to elevate their threat detection capabilities. Don't miss this opportunity to transform your approach from ad-hoc processes to a comprehensive, strategic program.

From chaos to control: streamlining detection engineering in Security Operation Centers

Security Operations Center

Threat Detection

Detection Engineering

Security

Threat Defence

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

From chaos to control: streamlining detection engineering in Security Operation Centers

Presented by

About this talk

More from this channel