Hi [[ session.user.profile.firstName ]]

DFLabs - Cyber Incidents Under Control

  • Date
  • Rating
  • Views
  • AMP Up Your Response with SOAR and Cisco’s Security Suite
    AMP Up Your Response with SOAR and Cisco’s Security Suite
    John Moran Sr. Prod. Mngr DFLabs; Jessica Bair Sr. Mngr Adv.Threat Solutions; Michael Auger, Sr Sec. Solutions Cisco Security Recorded: Jan 11 2019 58 mins
    Presented By:
    John Moran, Senior Product Manager, DFLabs
    Michael Auger, Senior Solutions Security Architect, Cisco Security
    Jessica Bair, Senior Manager, Advanced Threat Solutions, Cisco Security

    Learn how DFLabs’ Security Orchestration, Automation and Response solution, IncMan SOAR, integrates and performs seamlessly with Cisco’s security suite, including its latest integration with Cisco AMP for Endpoints.

    As organizations are exposed to more advanced and frequent attacks, speed of detection and response is critical in reducing financial and reputational damage.

    Cisco AMP for Endpoints leverages cloud-based analytics to detect and respond to advanced threats in real-time. Used with Cisco’s security suite, including Threat Grid, Umbrella and Umbrella Investigate, threats can be assessed, and assessments of the network performed; but this consumes valuable analyst time.

    IncMan SOAR allows security teams to automate repeatable tasks, including enriching initial threat indicators, allowing more time to focus on tasks which require human intervention.

    By combining these solutions, security teams can automate and orchestrate the process from initial alert, to containment and remediation, reducing actionable detection and response times from hours to seconds.
  • DFLabs’ New Open Integration Framework and Customer Community Portal
    DFLabs’ New Open Integration Framework and Customer Community Portal
    John Moran, Senior Product Manager, DFLabs and Heather Hixon, Senior Solutions Architect, DFLabs Recorded: Dec 18 2018 41 mins
    DFLabs’ innovative Open Integration Framework is designed to enable security teams to customize and easily add new automated integrations between their existing security tools and our IncMan SOAR platform, enabling SOCs and MSSPs to add unique incident response actions without the need for complex coding. The new framework is part of DFLabs’ commitment to delivering a more open, community-oriented solution to automation and orchestration, which also includes a new Community Portal.

    The Community Portal serves as a hub for customers, where they can get the latest information and support from DFLabs and interact with other like-minded customers. Moreover, this Community Portal aims to provide a cooperation ecosystem for companies and organizations, where they can share integrations of security tools and IncMan SOAR. This approach will enable our customers to tackle specific use cases by uploading or downloading integration files from the Portal to IncMan SOAR.

    Join this webinar to learn more about these two new exciting features, as well as DFLabs’ other latest developments and enhancements to IncMan SOAR v4.5 including:

    - Open Integration Framework
    - Community Portal
    - Enhanced REST API
    - Automated event triage (START Triage)
    - New bidirectional integrations
    - Improvements to existing integrations
    - And more...
  • Creating a Winning Security Strategy for 2019
    Creating a Winning Security Strategy for 2019
    Israel Barak, Cybereason | Dario Forte, DFLabs Recorded: Dec 5 2018 49 mins
    Cyber attacks on businesses, organizations and critical infrastructure becoming the norm in 2018. Massive breaches are constantly in the news and consumers are demanding stricter data and privacy protections. Cybersecurity has never been more important to organizations, and the investment in security technology has never been greater.

    CISOs are in the spotlight, and are looking to build the best strategy to secure their organizations, customers and users.

    Join top security experts for an interactive Q&A panel discussion on:
    - The key factors CISOs should consider for their cybersecurity strategy
    - The current and future threatscape
    - Platform Security for 2019
    - Technological solutions that make CISOs' lives easier
    - How organizations are coping with the shortage of qualified security workforce
    - How CISOs can better communicate their strategy to the board

    Panelists:
    Israel Barak,CSO, Cybereason
    Dario Forte, CEO, DFLabs

    Panel moderated by:
    Amar Singh, Founder & CEO, Cyber Management Alliance
  • DFLabs IncMan SOAR Platform V4.5: Open Integration Framework and More
    DFLabs IncMan SOAR Platform V4.5: Open Integration Framework and More
    John Moran, Senior Product Manager, DFLabs and Heather Hixon, Senior Solutions Architect, DFLabs Recorded: Nov 27 2018 41 mins
    The latest release of DFLabs IncMan SOAR platform v4.5 includes a range of additional and enhanced features and capabilities highly focused around delivering a more open, extensible and community-oriented solution to some of the most challenging problems facing SOCs, CSIRTs and MSSPs today.

    Key New Features include:

    - Open Integration Framework
    - Enhanced REST API
    - Automated event triage (START Triage)
    - New bidirectional integrations
    - Improvements to existing integrations
    - And more...

    Join this webinar to see first hand how DFLabs’ Open Integration Framework enables security teams to easily add and orchestrate new functions between IncMan SOAR and third party products even without coding experience.

    In addition, learn about additional new features including how IncMan SOAR’s enhanced REST API allows users to extend and integrate security automation and orchestration with other processes in new and exciting ways, as well as how its START Triage module now enables granular control over which events are automatically enriched to validate which should be converted directly into a security incident.
  • Utilizing Recorded Future Threat Intelligence Within DFLabs SOAR Solution
    Utilizing Recorded Future Threat Intelligence Within DFLabs SOAR Solution
    John Moran, Senior Product Manager at DFLabs and Brian Guessetto, Partner Marketing Manager at Recorded Future Recorded: Nov 20 2018 30 mins
    Automate Enrichment And Simplifying Information Gathering

    As cybersecurity attacks continue to evolve accessing vital threat intelligence information is key. Valuable information is often scattered across many tools with varying degrees of confidence, which leaves investigators without a full understanding of the risk posed to their organization and ultimately prevents confident decision making at the most critical time in an investigation.

    DFLabs integration with Recorded Future’s threat intelligence platform enables simplified and automated information gathering and sharing to provide investigators with crucial details and context surrounding a potential incident.

    Combined with the capabilities of DFLabs security orchestration, automation and response (SOAR) solution, IncMan SOAR; orchestrating the process and automating information gathering allows investigators to better utilize their time investigating an incident rather than focusing their valuable time and effort performing manual information gathering and the data correlation tasks necessary to prioritize an event.

    Join this webinar for an in-depth look at Recorded Future’s integrations with IncMan SOAR from DFLabs to learn how:

    - Recorded Future Threat Intelligence can be orchestrated into the Incident Response process
    - IncMan SOAR can automate Recorded Future’s data enrichment actions
    - Recorded Future combined with DFLabs can automatically identify and respond to threats and remediate potential incidents before they can become a breach

    Your registration information will be shared with Recorded Future who may contact you in follow-up to your registration and/or attendance of this webinar.
  • Using Threat Intelligence Effectively in Security Automation and Orchestration
    Using Threat Intelligence Effectively in Security Automation and Orchestration
    John Moran Sr. Prod. Mngr DFLabs; Jessica Bair Sr. Mngr Adv.Threat Solutions; Michael Auger, Sr Sec. Solutions Cisco Security Recorded: Oct 30 2018 54 mins
    Using Threat Intelligence Effectively in Security Automation and Orchestration: A DFLabs and Cisco Use Case.

    Actionable intelligence is critical to responding efficiently and effectively to a potential security incident. Inaccurate or incomplete intelligence can lead to threats dwelling on the network, resulting in increased financial losses and irreparable damage to reputation. Once a threat has been discovered, decisive action must be taken to contain the threat.

    Cisco’s suite of detection, intelligence and response products, including Email Security Appliance, Threat Grid, Umbrella and Umbrella Investigate; offer security practitioners an unparalleled suite of tools, to address all phases of the incident response lifecycle.

    Combining the vast capabilities of Cisco’s suite of security products, with the orchestration and automation power of DFLabs’ IncMan SOAR platform, allows organizations to respond to potential security incidents, with unmatched speed and accuracy.

    Key Takeaways:

    · How Cisco’s suite of security products can improve your security infrastructure
    · How IncMan SOAR’s automation and orchestration capabilities can increase the efficiency and effectiveness of your security program
    · How Cisco security products combined with IncMan SOAR from DFLabs can automatically respond to threats

    Presented by:
    John Moran, Senior Product Manager, DFLabs
    Jessica Bair, Senior Manager, Advanced Threat Solutions, Cisco Security
    Michael Auger, Senior Security Solutions Architect, Cisco Security

    Your registration information will be shared with DFLabs’ solution partner Cisco Security, who may contact you in follow-up to your registration and/or attendance of this webinar.
  • How to Facilitate Knowledge Transfer within SecOps Utilizing SOAR Technology
    How to Facilitate Knowledge Transfer within SecOps Utilizing SOAR Technology
    Mike Fowler, CISSP, Vice President of Professional Services at DFLabs and John Moran, Senior Product Manager at DFLabs, Recorded: Oct 16 2018 52 mins
    Increased workload coupled with an industry-wide shortage of skilled responders is a common challenge heavily impacting operational performance in Security Operations Centers globally. An integral part of the solution is formulating a methodology to ensure that crucial knowledge is held and transferred between incident responders at all levels and overall retained within the organization.

    By utilizing Security Orchestration, Automation and Response (SOAR) technology, security teams can combine traditional methods of knowledge transfer with more modern techniques and technologies by incorporating machine learning and artificial intelligence capabilities.

    Join this webinar to learn about the benefits of implementing a SOAR solution, such as IncMan SOAR from DFLabs, and see how we can help to ensure that your organization’s knowledge is consistently and accurately retained, used and transferred, while simultaneously contributing to the efficiency and effectiveness of your entire incident response process.

    Key Takeaways:

    - The benefits of using SOAR technology
    - How to overcome the shortage of skilled security operations staff
    - How security orchestration and automation can facilitate knowledge transfer
    - How a SOAR solution can improve your overall security program performance
  • Increase Performance with KPIs for Security Operations and Incident Response
    Increase Performance with KPIs for Security Operations and Incident Response
    John Moran, Senior Product Manager at DFLabs,and Mike Fowler, CISSP, Vice President of Professional Services at DFLabs Recorded: Sep 25 2018 51 mins
    Security operations KPIs vary from organization to organization. To be effective, it is crucial that KPIs are selected based on the SMART criteria.

    KPIs provide the critical information required to make fact-based decisions. However, tracking too many KPIs can become a burden to analysts.

    Join our new webinar to discover the best practices for Key Performance Indicators (KPIs) for Security Operations and Incident Response.

    Key takeaways:
    - Why are KPIs important?
    - How to choose the best KPIs?
    - How many KPIs are appropriate to measure?
  • New Features and Capabilities of DFLabs IncMan SOAR Platform V4.4
    New Features and Capabilities of DFLabs IncMan SOAR Platform V4.4
    Mike Fowler, Vice President of Professional Services and John Moran, Senior Product Manager at DFLabs Recorded: Aug 28 2018 50 mins
    Mike Fowler, Vice President of Professional Services and John Moran, Senior Product Manager at DFLabs

    Aug 28 2018
    10:00 EDT / 15:00 BST

    The latest release of DFLabs IncMan SOAR platform v4.4 includes a range of additional and enhanced features and capabilities including:

    - Automated event triage (START Triage)
    - New bidirectional integrations
    - Improvements to existing integrations
    - Enhanced flexibility of runbooks
    - And more...

    Join this webinar to get this unique opportunity to take a look at the new and improved IncMan SOAR platform and see first-hand one of the most exciting new features and first of its kind capability, START (Simple Triage And Rapid Treatment) Triage, in action.

    START Triage aims to dramatically reduce the number of security incidents generated from alerts and is being used in production by a major European bank to eliminate manual first line assessment of suspected fraudulent online transactions. IncMan SOAR has reduced triage time by 90% for cyber fraud events generated by its mainframe and other external systems. The flexible, open and customizable architecture of IncMan SOAR’s START Triage allows it to adapt to virtually any use case and data source, including network alerts, endpoint alerts, transaction fraud alerts, physical security events and threat intelligence alerts.
  • Leverage Your SIEM Solution Utilizing SOAR Technology
    Leverage Your SIEM Solution Utilizing SOAR Technology
    Mike Fowler, VP of Professional Services at DFLabs; Christian Have, Chief Product Officer at LogPoint Recorded: Aug 14 2018 43 mins
    Empower your security analysts to accelerate detection and response of cyber incidents by combining the power of SIEM and SOAR.

    Based on a new joint solution from DFLabs and LogPoint resulting from their deep two-way integration, join this webinar to see how two security operations tools can work seamlessly together fusing intelligence to improve the overall effectiveness and operational performance of your existing security program.

    While a SIEM solution delivers tons of valuable information about the security status of your IT system, a SOAR solution uses this information to automate the response needed to incoming cyber threats. Combining the two will free up valuable time and resources in any security program and make for faster, smarter detection, response, and remediation of potential incidents.

    Learn how to:

    · Respond to all security alerts
    · Automate repeatable, mundane tasks
    · Orchestrate actions across multiple security tools
    · Enrich raw data, allowing for more informed, effective decisions
    · Reduce the mean time to detection and response
    · Increase the ROI on existing security operations tools

Embed in website or blog