Hi [[ session.user.profile.firstName ]]

DFLabs - Cyber Incidents Under Control

  • Date
  • Rating
  • Views
  • Leveraging Your Existing SIEM Solution with SOAR Technology
    Leveraging Your Existing SIEM Solution with SOAR Technology
    Mike Fowler, VP of Professional Services at DFLabs; Christian Have, Chief Product Officer at LogPoint Recorded: Mar 12 2019 42 mins
    Improve Your Incident Response with LogPoint and DFLabs

    Empower your security analysts to accelerate detection and response of cyber incidents by combining the power of SIEM and SOAR.

    Based on the recent joint solution from DFLabs and LogPoint resulting from their deep two-way integration, join this webinar to see how two security operations tools can work seamlessly together fusing intelligence to improve the overall effectiveness and operational performance of your existing security program.

    While a SIEM solution delivers tons of valuable information about the security status of your IT system, a SOAR solution uses this information to automate the response needed to incoming cyber threats. Combining the two will free up valuable time and resources in any security program and make for faster, smarter detection, response, and remediation of potential incidents.

    Learn how to:

    · Respond to all security alerts
    · Automate repeatable, mundane tasks
    · Orchestrate actions across multiple security tools
    · Enrich raw data, allowing for more informed, effective decisions
    · Reduce the mean time to detection and response
    · Increase the ROI on existing security operations tools
  • Automation as a Force Multiplier in Cyber Incident Response
    Automation as a Force Multiplier in Cyber Incident Response
    Mike Fowler, CISSP - VP of Professional Services, DFLabs Recorded: Feb 26 2019 15 mins
    Security analysts are subjected to such a volume and frequency of alerts that over time they can become desensitized to the information they are analyzing, resulting in critical alerts potentially being disregarded or missed.

    When responding to tens of thousands of security alerts a month, how can you reliably distinguish what's important from what's just a noise in the background?

    Join our new webinar to learn how a Security Orchestration, Automation and Response (SOAR) solution can help your overwhelmed cyber response team to "SOAR" above the noise when detecting, responding to and remediating a potential security incident. Our VP of Professional Services, Mike Fowler, will present proven best practices to reduce and avoid alert fatigue.

    Key Takeaways:

    ● What is “Alert/Alarm Fatigue” and why should you care?
    ● What is the impact of alert fatigue on Security Operations and Incident Response?
    ● How you can cultivate a state of continuous alertness by applying the SOC Analyst Sanity Saver
    ● How to reinforce the front line
    ● How to leverage SOAR capabilities that act as a Force Multiplier in Incident Response

    Want to learn more on the topic ahead of the webinar? Download our white paper "Automation as a Force Multiplier in Cyber Incident Response" here: https://bit.ly/2SKN9pL
  • Detect, Analyze & Respond to Advanced Malware Using Orchestration & Automation
    Detect, Analyze & Respond to Advanced Malware Using Orchestration & Automation
    John Moran, Senior Product Manager, DFLabs Mark Mastrangeli, Lead Architect, McAfee, Security Innovation Alliance Recorded: Feb 5 2019 48 mins
    Detect, Analyze and Respond to Advanced Malware Using Security Orchestration and Automation: A DFLabs and McAfee Use Case

    As malware attacks continue, attackers are going to great lengths to obfuscate both the intent and capabilities of their malicious payloads to evade detection and analysis. In addition, the rate at which new malware is being developed has reached staggering new levels. Zero-day malware is increasingly common in all environments and signature analysis is becoming less effective.

    As a result, malware has become increasingly difficult to detect using more traditional detection mechanisms. Once detection occurs, it is often difficult to successfully analyze the malicious file to determine the potential impact and extract indicators. To successfully respond to a potential malware incident to contain the threat and block malicious traffic to minimize the impact, early detection and analysis are critical.

    In this webinar we will discuss how a security operations team can detect, analyze and respond to advanced, evasive malware by using DFLabs’ IncMan SOAR platform integrated with McAfee’s suite of tools including Advanced Threat Defense (ATD), Web Gateway and ePO for malware detection, while further being able to share critical security information using McAfee OpenDXL.

    Key Takeaways:

    Learn how McAfee’s suite of security products combined with IncMan SOAR from DFLabs can automatically detect and respond to malware threats to improve the effectiveness and efficiency of your security program by:

    - Performing advanced malware analysis
    - Enriching alert data
    - Immediately blocking threats
    - Sharing critical threat intelligence

    Your registration information will be shared with McAfee who may contact you in follow-up to your registration and/or attendance of this webinar.
  • Transform Your Security Operations With SOAR Technology -  IncMan SOAR Overview
    Transform Your Security Operations With SOAR Technology - IncMan SOAR Overview
    John Moran, Senior Product Manager, DFLabs Cody Mercer, Manager of Pre-Sales & Sales Marketing, DFLabs Recorded: Jan 29 2019 60 mins
    IncMan SOAR from DFLabs is the only Security Orchestration, Automation and Response (SOAR) platform available capable of full incident lifecycle automation, including built-in, automated threat intelligence gathering, risk assessment, triage and notification, context enrichment, hunting and investigating, threat containment and more.

    This feature rich, unique and scalable solution provides context to security incidents, automates actions, orchestrates response to activities, while enabling full reporting and measurement functionality across all stakeholders. With its Open integration Framework, REST API and Automated START Triage, it is the most open and customizable SOAR platform in the industry, helping organizations to overcome some of the most common challenges and pain points when it comes to incident response.

    Join this webinar to learn how to transform your Security Operations by using SOAR technology and discover how DFLabs can help you to detect, respond to and remediate all security incidents fast, before they impact your organization.

    Key Features & Capabilities:

    - Security Automation and Orchestration
    - Threat Hunting and Investigation
    - Incident Management
    - Flexible Integrations and Event Parsing
    - Forensic Evidence Management
    - Reporting and KPIs
    - Knowledge Transfer & Machine Learning
    - Community Portal and Community Edition
  • AMP Up Your Response with SOAR and Cisco’s Security Suite
    AMP Up Your Response with SOAR and Cisco’s Security Suite
    John Moran Sr. Prod. Mngr DFLabs; Jessica Bair Sr. Mngr Adv.Threat Solutions; Michael Auger, Sr Sec. Solutions Cisco Security Recorded: Jan 11 2019 58 mins
    Presented By:
    John Moran, Senior Product Manager, DFLabs
    Michael Auger, Senior Solutions Security Architect, Cisco Security
    Jessica Bair, Senior Manager, Advanced Threat Solutions, Cisco Security

    Learn how DFLabs’ Security Orchestration, Automation and Response solution, IncMan SOAR, integrates and performs seamlessly with Cisco’s security suite, including its latest integration with Cisco AMP for Endpoints.

    As organizations are exposed to more advanced and frequent attacks, speed of detection and response is critical in reducing financial and reputational damage.

    Cisco AMP for Endpoints leverages cloud-based analytics to detect and respond to advanced threats in real-time. Used with Cisco’s security suite, including Threat Grid, Umbrella and Umbrella Investigate, threats can be assessed, and assessments of the network performed; but this consumes valuable analyst time.

    IncMan SOAR allows security teams to automate repeatable tasks, including enriching initial threat indicators, allowing more time to focus on tasks which require human intervention.

    By combining these solutions, security teams can automate and orchestrate the process from initial alert, to containment and remediation, reducing actionable detection and response times from hours to seconds.
  • DFLabs’ New Open Integration Framework and Customer Community Portal
    DFLabs’ New Open Integration Framework and Customer Community Portal
    John Moran, Senior Product Manager, DFLabs and Heather Hixon, Senior Solutions Architect, DFLabs Recorded: Dec 18 2018 41 mins
    DFLabs’ innovative Open Integration Framework is designed to enable security teams to customize and easily add new automated integrations between their existing security tools and our IncMan SOAR platform, enabling SOCs and MSSPs to add unique incident response actions without the need for complex coding. The new framework is part of DFLabs’ commitment to delivering a more open, community-oriented solution to automation and orchestration, which also includes a new Community Portal.

    The Community Portal serves as a hub for customers, where they can get the latest information and support from DFLabs and interact with other like-minded customers. Moreover, this Community Portal aims to provide a cooperation ecosystem for companies and organizations, where they can share integrations of security tools and IncMan SOAR. This approach will enable our customers to tackle specific use cases by uploading or downloading integration files from the Portal to IncMan SOAR.

    Join this webinar to learn more about these two new exciting features, as well as DFLabs’ other latest developments and enhancements to IncMan SOAR v4.5 including:

    - Open Integration Framework
    - Community Portal
    - Enhanced REST API
    - Automated event triage (START Triage)
    - New bidirectional integrations
    - Improvements to existing integrations
    - And more...
  • Creating a Winning Security Strategy for 2019
    Creating a Winning Security Strategy for 2019
    Israel Barak, Cybereason | Dario Forte, DFLabs Recorded: Dec 5 2018 49 mins
    Cyber attacks on businesses, organizations and critical infrastructure becoming the norm in 2018. Massive breaches are constantly in the news and consumers are demanding stricter data and privacy protections. Cybersecurity has never been more important to organizations, and the investment in security technology has never been greater.

    CISOs are in the spotlight, and are looking to build the best strategy to secure their organizations, customers and users.

    Join top security experts for an interactive Q&A panel discussion on:
    - The key factors CISOs should consider for their cybersecurity strategy
    - The current and future threatscape
    - Platform Security for 2019
    - Technological solutions that make CISOs' lives easier
    - How organizations are coping with the shortage of qualified security workforce
    - How CISOs can better communicate their strategy to the board

    Panelists:
    Israel Barak,CSO, Cybereason
    Dario Forte, CEO, DFLabs

    Panel moderated by:
    Amar Singh, Founder & CEO, Cyber Management Alliance
  • DFLabs IncMan SOAR Platform V4.5: Open Integration Framework and More
    DFLabs IncMan SOAR Platform V4.5: Open Integration Framework and More
    John Moran, Senior Product Manager, DFLabs and Heather Hixon, Senior Solutions Architect, DFLabs Recorded: Nov 27 2018 41 mins
    The latest release of DFLabs IncMan SOAR platform v4.5 includes a range of additional and enhanced features and capabilities highly focused around delivering a more open, extensible and community-oriented solution to some of the most challenging problems facing SOCs, CSIRTs and MSSPs today.

    Key New Features include:

    - Open Integration Framework
    - Enhanced REST API
    - Automated event triage (START Triage)
    - New bidirectional integrations
    - Improvements to existing integrations
    - And more...

    Join this webinar to see first hand how DFLabs’ Open Integration Framework enables security teams to easily add and orchestrate new functions between IncMan SOAR and third party products even without coding experience.

    In addition, learn about additional new features including how IncMan SOAR’s enhanced REST API allows users to extend and integrate security automation and orchestration with other processes in new and exciting ways, as well as how its START Triage module now enables granular control over which events are automatically enriched to validate which should be converted directly into a security incident.
  • Utilizing Recorded Future Threat Intelligence Within DFLabs SOAR Solution
    Utilizing Recorded Future Threat Intelligence Within DFLabs SOAR Solution
    John Moran, Senior Product Manager at DFLabs and Brian Guessetto, Partner Marketing Manager at Recorded Future Recorded: Nov 20 2018 30 mins
    Automate Enrichment And Simplifying Information Gathering

    As cybersecurity attacks continue to evolve accessing vital threat intelligence information is key. Valuable information is often scattered across many tools with varying degrees of confidence, which leaves investigators without a full understanding of the risk posed to their organization and ultimately prevents confident decision making at the most critical time in an investigation.

    DFLabs integration with Recorded Future’s threat intelligence platform enables simplified and automated information gathering and sharing to provide investigators with crucial details and context surrounding a potential incident.

    Combined with the capabilities of DFLabs security orchestration, automation and response (SOAR) solution, IncMan SOAR; orchestrating the process and automating information gathering allows investigators to better utilize their time investigating an incident rather than focusing their valuable time and effort performing manual information gathering and the data correlation tasks necessary to prioritize an event.

    Join this webinar for an in-depth look at Recorded Future’s integrations with IncMan SOAR from DFLabs to learn how:

    - Recorded Future Threat Intelligence can be orchestrated into the Incident Response process
    - IncMan SOAR can automate Recorded Future’s data enrichment actions
    - Recorded Future combined with DFLabs can automatically identify and respond to threats and remediate potential incidents before they can become a breach

    Your registration information will be shared with Recorded Future who may contact you in follow-up to your registration and/or attendance of this webinar.
  • Using Threat Intelligence Effectively in Security Automation and Orchestration
    Using Threat Intelligence Effectively in Security Automation and Orchestration
    John Moran Sr. Prod. Mngr DFLabs; Jessica Bair Sr. Mngr Adv.Threat Solutions; Michael Auger, Sr Sec. Solutions Cisco Security Recorded: Oct 30 2018 54 mins
    Using Threat Intelligence Effectively in Security Automation and Orchestration: A DFLabs and Cisco Use Case.

    Actionable intelligence is critical to responding efficiently and effectively to a potential security incident. Inaccurate or incomplete intelligence can lead to threats dwelling on the network, resulting in increased financial losses and irreparable damage to reputation. Once a threat has been discovered, decisive action must be taken to contain the threat.

    Cisco’s suite of detection, intelligence and response products, including Email Security Appliance, Threat Grid, Umbrella and Umbrella Investigate; offer security practitioners an unparalleled suite of tools, to address all phases of the incident response lifecycle.

    Combining the vast capabilities of Cisco’s suite of security products, with the orchestration and automation power of DFLabs’ IncMan SOAR platform, allows organizations to respond to potential security incidents, with unmatched speed and accuracy.

    Key Takeaways:

    · How Cisco’s suite of security products can improve your security infrastructure
    · How IncMan SOAR’s automation and orchestration capabilities can increase the efficiency and effectiveness of your security program
    · How Cisco security products combined with IncMan SOAR from DFLabs can automatically respond to threats

    Presented by:
    John Moran, Senior Product Manager, DFLabs
    Jessica Bair, Senior Manager, Advanced Threat Solutions, Cisco Security
    Michael Auger, Senior Security Solutions Architect, Cisco Security

    Your registration information will be shared with DFLabs’ solution partner Cisco Security, who may contact you in follow-up to your registration and/or attendance of this webinar.

Embed in website or blog