Behind the Scenes of Managed Detection & Response Service

You might think of a security operations center like a stereotypical movie war room: a dark room filled with complex maps, fancy monitors, and analysts on headsets. However, most SOCs aren't really a physical presence or room; more accurately, they're a formally organised team that's dedicated to a specific set of security roles and responsibilities for detecting and validating threats within your environment.
No matter a company's size or purpose, it’s valuable to have a dedicated organisational-level team whose job is to constantly monitor security operations and incidents and respond to any issues that may arise. The various responsibilities within a cybersecurity team can be extremely complex, and a SOC can not only serve as the tactical console to empower team members in performing their day-to-day tasks, but also as a strategic center to keep the team aware of bigger, longer-term security trends.

In this webcast, our threat detection specialists will reveal:
· How known and unknown threats are identified in our customer environments
· The intelligence behind threat hunting
· How our SOC uses threat intelligence to detect, investigate and respond to incidents
· What a typical day in the life of a SOC Analyst looks like
Recorded Feb 23 2021 47 mins
Presented by
Marcus Eaton, Lead Security Solutions Engineer, Jason Prescott, Manager Threat Detection, Douglas Wainer, Threat Analyst
  • Network Traffic Visibility in the Cloud Mar 30 2021 3:00 pm UTC 67 mins
    Darragh Delaney, Sr. Product Manager, D&R and Morgan Doyle, Consulting Software Engineer, D&R
    In this real-training-for-free session we will discuss the options for cloud-based network traffic analysis and how it differs from on-prem approaches. The use cases for this technology include:

    Security analysts lack visibility within cloud networks. They do not have the visibility they need to troubleshoot operational and security issues within their AWS networks and want to eliminate this blind spot so that they have 'end to end' traffic visibility across their entire network.

    Security analysts want DPI/full packet analysis in their AWS estates. They want more detail than VPC flow logs to detect security threats and to perform forensics on past events.

    Compliance and security personnel want cloud-based IDS solutions. IDS is a key requirement for some compliance standards such as PCI.

    Amazon launched a network traffic mirroring service in 2019 called VPC traffic mirroring. This allows you to span, or copy, network traffic going to and from one or more EC2 Elastic Network Interfaces and send it to a traffic analysis system.

    From a security perspective, we can now deploy cloud based out-of-band intrusion detection and analysis tools to look for malicious activity in the network traffic.

    During this call we will check out the VPC traffic mirroring feature in AWS and show how to set up a traffic mirroring session to capture activity associated with a number of ENIs. Topics include:

    -Mirror Sessions
    -Mirror Targets
    -Mirror Filters

    Using the data captured from this we will then look at how this can be used for incident detection and response.
  • The SOC Visibility Triad Mar 25 2021 3:00 pm UTC 23 mins
    Marcus Eaton - Lead Solutions Engineer, UK & Ireland & Roy Tobin - Detection & Response Services Manager, EMEA
    To get ahead of the attackers, security teams are increasingly moving from prevention only ideologies to focusing on early detection. Successful and comprehensive threat detection requires understanding common adversary techniques, which ones may especially pose a threat to your organization, and how to detect and mitigate these attacks. With that said, the volume and breadth of attack tactics make it nearly impossible for any single organization to monitor every single attack type—never mind catalog and translate those findings in a constructive way to anyone outside of their organization.

    Join this webinar to learn more about Gartner’s Security Operations Center (SOC) Visibility Triad, a network-centric approach to threat detection and response and how you can apply it to improve the detection and response capabilities in your organisation.
  • [APAC] Series: SOC Automation 101: The Future of Detection and Response Mar 24 2021 3:00 am UTC 62 mins
    Sydney Coffaro, Senior Technical Advisor, SOAR at Rapid7 and Jeffrey Gardner, Practice Advisor at Rapid7
    Today’s security operations–whether part of a formal SOC or not–require IT and Security teams to identify and address threats as quickly and decisively as possible. The growing list of threats, along with their methods of entry, techniques used, and means of detection and resolution have grown to a point where it’s nearly impossible to address manually. Part 4 of 4 of series: Focus on What Matters Most with Detection and Response
  • 5 Reasons to Outsource Detection & Response Operations Mar 18 2021 3:00 pm UTC 38 mins
    Chris Hartley - Regional Director for UK & Ireland, Rapid7, and Warwick Webb - Security Practitioner, Rapid7
    Security has played a positive role in enabling business over the recent weeks. This has been demonstrated by allowing remote workforces to remain productive and the hard work of security teams to keep operations running. However all this is putting a strain on the internal resources trying to protect their critical business assets from both external attackers and insider threats.

    At Rapid7 we are taking a practical role in helping ensure security advice and guidance is available for all, and we will be running a series of talk tracks to help provide a measured perspective on how to remain secure and operational with the resources you have.

    Join us for this live talk where Chris Hartley, Director at Rapid7 UK & Ireland, and Warwick Webb, Security Practitioner, will discuss the top 5 reasons why some organisations are looking to augment or outsource their threat detection and response operations including:

    · Talent shortage in cybersecurity and why specialisation is key
    · Business continuity and the impact of ‘always on’
    · Threat intelligence and global visibility of the threat landscape
    · Role of threat hunters in incident response

    We’ll also be joined by customer Simon Parry from the Development Bank of Wales to reveal how they are using managed services in their own environment and which elements of managed detection and response are most important to the success of their security program.
  • [APAC] Series: Looking Ahead: The 2021 Threat Landscape Mar 17 2021 3:00 am UTC 54 mins
    Jeremiah Dewey, VP Managed Services MDR at Rapid7 and Wade Woolwine, Principal Security Researcher at Rapid7
    The threat landscape continues to evolve and adapt, requiring organisations to have a high level of security visibility. However, when security teams, managers, and leaders have limited time and budget, prioritising investments to achieve the greatest impact and reduction in risk becomes even more critical. Part 3 of 4 of series: Focus on What Matters Most with Detection and Response
  • Anatomy of a Cloud Breach Mar 11 2021 3:00 pm UTC 26 mins
    Jeremy Snyder, Senior Director of Business Development and Solutions Engineering, Cloud Security Practice
    Introduced by our friends at ISMG as part of their virtual Cybersecurity & Fraud Chicago Summit, this presentation will outline why cloud security is fundamentally different from traditional data center environments. We’ll explore the top services and errors that have led to large-scale data breaches in the past several years, discuss ways to prevent future breaches, and review a few case studies of prominent breaches.
  • [APAC] Series: A CISOs guide to Security Planning Mar 10 2021 3:00 am UTC 29 mins
    Jeffrey Gardner, Detection and Response Practice Advisor at Rapid7
    The Cybersecurity industry’s resource gap has been well documented over the years, but in 2020 we've seen that gap widen. The attack surface has grown with remote workforces and a slew of new applications, but in many cases budgets are tightening and teams are wearing many hats.
    Part 2 of 4 of series: Focus on What Matters Most with Detection and Response
  • Cloud Security - Understanding Your Total Risk Mar 4 2021 3:00 pm UTC 26 mins
    Harsharn Puar - Lead Security Solutions Engineer, Cloud & Graeme McMillan - Senior Security Solutions Engineer, UK & Ireland
    Join us for this short session as we discuss how to assess your organisation’s risk across multi-cloud and traditional infrastructure environments using visibility and automation.
  • [APAC] Series: Doing More with Less: Detection and Response Planning for 2021 Mar 3 2021 3:00 am UTC 61 mins
    Margaret Wei, Product Marketing Manager at Rapid7 and Jake Williams, SANS analyst
    Despite a year of “new normals,” one thing that most teams can still count on this fall is annual security planning. However, this year, in addition to supporting growing remote workforces, many SOCs are facing increased budget scrutiny and pressure to demonstrate ROI as they go into 2021. Part 1 of 4 of series: Focus on What Matters Most with Detection and Response
  • How to accelerate innovation of your multi-cloud environment Recorded: Feb 25 2021 28 mins
    Brian Johnson, SVP, Cloud Security Practice
    How do companies improve their security, compliance, and governance while becoming more productive in their multi-cloud environments? More than 70 percent of enterprises today are multicloud, either through organic growth, through mergers and acquisitions, or as a corporate strategy. While cloud offers a powerful opportunity to unleash innovation within the enterprise, IT and security teams struggle to devise governance strategies to support that innovation. Join DivvyCloud by Rapid7’s Brian Johnson (co-founder and SVP, Cloud Security Practice) as he discusses how companies can accelerate innovation through better governance and optimization of their multi-cloud environment.

    This session will cover:

    - The signal and noise problem that many organizations are facing today
    - Why a self-service approach to cloud is the best way to innovate and remain competitive
    - How companies can remain secure and compliant while still going through a self-service culture shift
  • [APAC] How to accelerate innovation of your multi-cloud environment Recorded: Feb 24 2021 28 mins
    Brian Johnson, SVP, Cloud Security Practice
    How do companies improve their security, compliance, and governance while becoming more productive in their multi-cloud environments? More than 70 percent of enterprises today are multicloud, either through organic growth, through mergers and acquisitions, or as a corporate strategy. While cloud offers a powerful opportunity to unleash innovation within the enterprise, IT and security teams struggle to devise governance strategies to support that innovation. Join DivvyCloud by Rapid7’s Brian Johnson (co-founder and SVP, Cloud Security Practice) as he discusses how companies can accelerate innovation through better governance and optimization of their multi-cloud environment.

    This session will cover:

    - The signal and noise problem that many organizations are facing today
    - Why a self-service approach to cloud is the best way to innovate and remain competitive
    - How companies can remain secure and compliant while still going through a self-service culture shift
  • [APAC] Continuous Cloud Security and Compliance for Financial Services Recorded: Feb 17 2021 31 mins
    Christopher Hertz, VP of Sales for Cloud Solutions, Rapid7 & Thomas Martin: Founder, NephoSec and former CIO at GE
    Financial services organizations are experiencing a culture shift as they respond to consumer demand for improved experiences delivered when and how they want them. Building applications and migrating regulated workloads to the cloud offers an attractive way to speed innovation, reduce time to market, and increase resilience.

    The financial services industry experiences security incidents 300 percent more frequently than other sectors. Data breaches caused by cloud misconfiguration continue to be rampant, costing enterprises an estimated $5 trillion in 2018 and 2019 alone. Organizations must modify the "command and control" mentality of traditional IT and marry it with a "trust but verify" approach when looking to take advantage of the benefits of public cloud.
    In this session, learn how to identify and implement the systems that are cloud-native, and can help you address the unique challenges of public cloud offerings through automation.
  • Continuous Cloud Security and Compliance for Financial Services Recorded: Feb 11 2021 31 mins
    Christopher Hertz, VP of Sales for Cloud Solutions, Rapid7 & Thomas Martin: Founder, NephoSec and former CIO at GE
    Financial services organizations are experiencing a culture shift as they respond to consumer demand for improved experiences delivered when and how they want them. Building applications and migrating regulated workloads to the cloud offers an attractive way to speed innovation, reduce time to market, and increase resilience.

    The financial services industry experiences security incidents 300 percent more frequently than other sectors. Data breaches caused by cloud misconfiguration continue to be rampant, costing enterprises an estimated $5 trillion in 2018 and 2019 alone. Organizations must modify the "command and control" mentality of traditional IT and marry it with a "trust but verify" approach when looking to take advantage of the benefits of public cloud.

    In this session with Information Security Media Group, learn how to identify and implement the systems that are cloud-native, and can help you address the unique challenges of public cloud offerings through automation.
  • [APAC] Managing Cyber Risk from Infrastructure to Cloud Recorded: Feb 10 2021 27 mins
    Chris Hartley - UK & Ireland Lead, Matt Rider - Applied Engineering Director & Jeremy Snyder - Snr Director, Cloud Practice
    Adoption of the cloud is rapidly accelerating. One estimate of spending on cloud in 2022 is $360bn, and the agility and ability for businesses to innovate and keep pace is a key driver of this. Businesses are at a variety of stages on their journey - from digital natives born and developed in the cloud, to the majority of organisations who are moving from traditional infrastructure to the cloud. This level of adoption allows organisations to support the evolution of their business and business models.
    During this talk, our panel will discuss some of the many challenges and areas for consideration, including managing cyber risk from traditional infrastructure and managing this risk in the cloud.

    What you will learn:

    • How to mitigate common cyber risks and challenges of cloud migration
    • Explosion of the edge and the impact of shifting to remote working
    • The implications of the growing number of applications to enable workforces and support customers
    • Recommendations of focus points given the pace of change as you migrate to the cloud
  • Managing Cyber Risk from Infrastructure to Cloud Recorded: Feb 9 2021 27 mins
    Chris Hartley - UK & Ireland Lead, Matt Rider - Applied Engineering Director & Jeremy Snyder - Snr Director, Cloud Practice
    Adoption of the cloud is rapidly accelerating. One estimate of spending on cloud in 2022 is $360bn, and the agility and ability for businesses to innovate and keep pace is a key driver of this. Businesses are at a variety of stages on their journey - from digital natives born and developed in the cloud, to the majority of organisations who are moving from traditional infrastructure to the cloud. This level of adoption allows organisations to support the evolution of their business and business models.
    During this talk, our panel will discuss some of the many challenges and areas for consideration, including managing cyber risk from traditional infrastructure and managing this risk in the cloud.

    What you will learn:

    • How to mitigate common cyber risks and challenges of cloud migration
    • Explosion of the edge and the impact of shifting to remote working
    • The implications of the growing number of applications to enable workforces and support customers
    • Recommendations of focus points given the pace of change as you migrate to the cloud
  • Series: SOC Automation 101: The Future of Detection and Response Recorded: Feb 2 2021 62 mins
    Sydney Coffaro, Senior Technical Advisor, SOAR at Rapid7 and Jeffrey Gardner, Practice Advisor at Rapid7
    Today’s security operations–whether part of a formal SOC or not–require IT and Security teams to identify and address threats as quickly and decisively as possible. The growing list of threats, along with their methods of entry, techniques used, and means of detection and resolution have grown to a point where it’s nearly impossible to address manually. Part 4 of 4 of series: Focus on What Matters Most with Detection and Response
  • [APAC] The 2021 Security Predictions “Woe”binar Recorded: Jan 28 2021 15 mins
    Tod Beardsley, Research Director, Bob Rudis, Senior Director, Chief Data Security Scientist
    Here’s a positively woeful spin on what we think the top security related threats will be as we head into 2021. Join Research Director, Tod Beardsley and Senior Director, Chief Data Security Scientist, Bob Rudis as they discuss how the price of Bitcoin is impacting the rate of ransomware and what you need to know about the COVID vaccine as it relates to the pharma-spam industry.

    We promise it’s not totally woeful, but there are some things you need to know and be prepared for as we enter 2021. Check it out and let us know what you think: are we spot on or far from it?
  • Series: Looking Ahead: The 2021 Threat Landscape Recorded: Jan 26 2021 54 mins
    Jeremiah Dewey, VP Managed Services MDR at Rapid7 and Wade Woolwine, Principal Security Researcher at Rapid7
    The threat landscape continues to evolve and adapt, requiring organizations to have a high level of security visibility. However, when security teams, managers, and leaders have limited time and budget, prioritizing investments to achieve the greatest impact and reduction in risk becomes even more critical. Part 3 of 4 of series: Focus on What Matters Most with Detection and Response
  • The 2021 Security Predictions “Woe”binar Recorded: Jan 21 2021 16 mins
    Tod Beardsley, Research Director, Bob Rudis, Senior Director, Chief Data Security Scientist
    Here’s a positively woeful spin on what we think the top security related threats will be as we head into 2021. Join Research Director, Tod Beardsley and Senior Director, Chief Data Security Scientist, Bob Rudis as they discuss how the price of Bitcoin is impacting the rate of ransomware and what you need to know about the COVID vaccine as it relates to the pharma-spam industry.

    We promise it’s not totally woeful, but there are some things you need to know and be prepared for as we enter 2021. Check it out and let us know what you think: are we spot on or far from it?
Supercharge Your Security Impact
Rapid7 is advancing security with visibility, analytics, and automation delivered through our Insight platform. Our solutions simplify the complex, allowing security teams to work more effectively with IT and development to reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks. Over 9,300 customers rely on Rapid7 technology, services, and research to improve security outcomes and securely advance their organizations. For more information, visit our website rapid7.com.

  • Title: Behind the Scenes of Managed Detection & Response Service
  • Live at: Feb 23 2021 3:00 pm
  • Presented by: Marcus Eaton, Lead Security Solutions Engineer, Jason Prescott, Manager Threat Detection, Douglas Wainer, Threat Analyst