The toolbox of technologies that can be used within security operations is rapidly growing. Automation, Threat Intelligence, Machine Learning or AI are a few that promise to be the future of Security Operations. The question is what are the real benefits of these technologies for your organization, and how do you incorporate them?
In the first session we took a closer look at Security Operations Architecture. What are the components you need to enhance detection, investigation and response processes? How can we use architectures like SOAPA and SOAR to mature your Security Operations? How do you make solutions of different vendors work together to improve their effectiveness?
The second session gave us insight in Threat Intelligence. What is Threat Intelligence, and how can you use it in your organization? We took a closer look at different threat management solutions. How can you use Threat Intelligence in your Incident response processes? How can you make Threat Intelligence actionable, using it to prevent your assets against attacks?
In the last part we took theory to practice. In a life war-room environment we were shown how products from different vendors work together with open-source tools. With life examples we show the benefits of automation, we were shown what can be done with Threat Intelligence to make Security Operations more efficient.