Automation for the Modern SOC

The SOC is overwhelmed. Analysts are drowning in security alerts, and operations work is rife with monotonous, repetitive tasks. There is a shortage of qualified security professionals to staff SOCs, and to top it all off, mean time to detect, triage, and respond to threats is still too slow.

Sound familiar? Stop being overwhelmed. Get in control.

Attend our event on August 18th at 9:00AM PT to learn how you can empower your SOC with security orchestration, automation and response capabilities to help you:


  • Investigate and respond to threats faster
  • Increase SOC efficiency and productivity
  • Eliminate analyst grunt work so you can stop working hard and start working smarter
  • Go from overwhelmed to in control of your security operations

The Agenda

9:00 - 9:20 am PT

Automation for the Modern SOC: Strategies for Smarter Security Operations
Speakers:
John Dominguez, Director, Product Marketing - Security, Splunk
Ian Forrest, Principal Product Manager, Splunk

Abstract: The SOC is overwhelmed. Analysts are drowning in security alerts, and operations work is rife with monotonous, repetitive tasks. There is a shortage of qualified security professionals to staff SOCs, and to top it all off, mean time to detect, triage, and respond to threats is still too slow. Sound familiar? Stop being overwhelmed. In this session, we’ll teach you how Splunk SOAR allows you to work smarter, respond faster, and strengthen your defenses in both on-prem and cloud environments!

New visual playbook editor
Splunkbase apps (tentative)
Overview video
In platform app editor - troubleshooting, editing, adding to apps

9:20 - 9:40 am PT

Automating Phishing Response and Threat Intel Enrichment with Splunk SOAR and TruSTAR
Speakers:
Rob Gresham, Security Solutions Architect, Splunk
Elvis Hovor, Senior Product Manager TruSTAR, Splunk

Abstract: Phishing is one of the world's most effective attack vectors practiced by criminals to help assess a target organization’s security posture. In this session, see how Splunk SOAR and TruSTAR work together to simplify your phishing response, and protect you from these criminals. TruSTAR works to enrich SOC workflows with normalized threat intelligence from third-party sources. Splunk SOAR provides context, validation, and automated response using integrations like Recorded Future and Zscaler. Turn your data into action.

9:40 - 10:00 am PT

How Uber Implements Splunk SOAR Case Management
Speakers:
Dan Dagget, Security Community Manager, Splunk
Phil Lee, Sr. Security Technologist, Uber

Abstract: Case management ensures that threats are proactively identified, prioritized, and rapidly investigated. This functionality is built into Splunk SOAR, and allows you to codify your standard operating procedures into reusable templates. In this session, we’ll show you how Uber uses Splunk SOAR case management functionality to create custom lists and design playbooks, reducing time spent to engage, mitigate and resolve threats.

10:00 - 10:20 am PT

Protecting your Cloud Accounts in GCP, Azure, and AWS with Automation
Speakers:
Phil Royer, Splunk Research Engineer, Splunk

Abstract: As organizations rapidly grow their footprints in the cloud, it becomes increasingly important to regularly review the accounts and permissions that are being configured across a wide variety of cloud resources. Preventing misuse of privileged accounts is extremely important for defending against all malicious intrusions and data exfiltration. Phil Royer, our distinguished Splunk SOAR researcher, will walk you through how to monitor and protect your cloud accounts across GCP, Azure, and AWS with pre-built playbooks that you can leverage today.

10:20 - 10:40 am PT

Automating Vulnerability Management in the Splunk SOC
Speakers:
Brian Pham, Sr. Threat & Vulnerability Analyst, Splunk
Dominic Salas, Sr. Security Engineer, Splunk

Abstract: Are your security analysts spending hours manually managing vulnerabilities? A strong vulnerability management program is essential to adequately secure a corporation, but doing this effectively can require exhaustive manual resources and valuable time your analysts could be using towards developing sophisticated security solutions. Splunk’s Threat and Vulnerability Management team has built an automated vulnerability management solution using Splunk Cloud and Splunk SOAR. We'll show you how to get your security analysts away from manual tracking so they can focus on resolving vulnerabilities before the bad guys break in.

Our Speakers

John Dominguez

Director, Product Marketing - Security, Splunk

Ian Forrest

Principal Product Manager, Splunk

Elvis Hovor

Senior Product Manager TruSTAR, Splunk

Rob Gresham

Security Solutions Architect, Splunk

Dan Dagget

Security Community Manager, Splunk

Phil Lee

Sr. Security Technologist, Uber

Phil Royer

Splunk Research Engineer, Splunk

Brian Pham

Sr. Threat & Vulnerability Analyst, Splunk

Dominic Salas

Sr. Security Engineer, Splunk