Hi [[ session.user.profile.firstName ]]

Swimlane #2: SOARing Beyond Expectations - Automating Atomic Red Team Testing

Organizations around the world struggle protecting their environments and determining where vulnerabilities exist. Open-source projects, such as Red Canary’s Atomic Red Team, can help by providing methods for evaluating defensive security controls and identifying areas of vulnerability. Additionally, a framework like MITRE ATT&CK can give the organization a full security view, ensuring a comprehensive strategy is in place. Such resources provide useful information for security teams, but the manual processes still needed to execute tests and map them to active detections from existing SIEM, EDR or other tools is too time consuming for many security operations centers (SOCs) to conduct effectively. Join Swimlane and (ISC)2 on November 5, 2020 at 1:00 p.m. Eastern as we examine how to do automate testing with a security orchestration, automation and response (SOAR) solution.

In this session you will:

· Learn how to automate the testing of your security controls

· See how SOAR can help you visualize areas of concern with the MITRE ATT&CK dashboard

· Get an overview of a helpful open-source tool recently developed by the Swimlane Deep Dive Research Team
Live online Nov 5 6:00 pm UTC
or after on demand 60 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Julie Rockett, Sr Prod Marketing Mgr, Swimlane; Jay Spann, Technical Prod Marketing Mgr, Swimlane; Brandon Dunlap, Moderator
Presentation preview: Swimlane #2: SOARing Beyond Expectations - Automating Atomic Red Team Testing

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Swimlane #3: Reactive to Proactive Threat Hunting: Changing the SOC w/Automation Dec 17 2020 6:00 pm UTC 60 mins
    Nick Tausek, Security Research Engr, Swimlane; Abe Johnson, Professional Services Engr, Swimlane; Brandon Dunlap, Moderator
    Are your analysts drowning in low-value, high-noise alerts and constantly playing catch-up? Is this hurting your mean time to detect (MTTD) and mean time to resolution (MTTR)? A security orchestration, automation and response (SOAR) solution can help in this area. A SOAR solution can enable an organization to realize some time and resource savings which can result in more research and active threat hunting for a more proactive approach to cybersecurity. On December 17, 2020 at 1:00 p.m. Eastern, Swimlane and (ISC)2 will explore how automation can help you dedicate your limited security resources to proactive threat hunting. We’ll also discuss how to:

    · Integrate your threat intelligence sources with a SOAR platform for faster and more accurate threat identification and verification.

    Use information from analyst research or automated feed ingestion to facilitate threat hunting across your security toolset and environments.

    · Reduce MTTD/MTTR by automating repetitive, manual tasks.
  • Securing Your Expanded Remote Workforce Dec 1 2020 6:00 pm UTC 60 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    The COVID-19 pandemic has caused dramatic increases in remote workforces and BYOD policy adoptions, making it more challenging than ever to secure company applications and data. Now that organizations have increased their remote access capacities, it’s now time to explore ways to help secure these remote managed and unmanaged devices to help mitigate the elevated risks of ransomware, data breaches, and other cyberattacks. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he:

    - Recaps key findings from a recent COVID-19 impact study
    - Examines the challenges facing today’s IT security teams
    - Suggests ways to invest more in your human firewalls
    - Explores current and emerging security technologies
  • The Impact of COVID-19 on Enterprise IT Security Teams Nov 10 2020 6:00 pm UTC 60 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    The pandemic and its shock to world economies have profoundly altered work environments and cybersecurity priorities. COVID-19 has prompted a massive work-from-home (WFH) movement, increased BYOD policy adoptions, and unfortunately a spike in cyberthreats, ransomware, and data breaches. To help enterprises understand the enormous impact to their IT security teams, (ISC)2 co-sponsored a study that surveyed 600 security professionals from seven countries and 19 industries. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key insights from this study, including:
    - Challenges of supporting an expanded remote workforce
    - Mid-year changes to IT security budgets and personnel
    - Change in preferences for cloud-based security solutions
    - Security technologies best suited to address pandemic-fueled challenges
    - The positive impact of IT security professional certifications
  • Swimlane #2: SOARing Beyond Expectations - Automating Atomic Red Team Testing Nov 5 2020 6:00 pm UTC 60 mins
    Julie Rockett, Sr Prod Marketing Mgr, Swimlane; Jay Spann, Technical Prod Marketing Mgr, Swimlane; Brandon Dunlap, Moderator
    Organizations around the world struggle protecting their environments and determining where vulnerabilities exist. Open-source projects, such as Red Canary’s Atomic Red Team, can help by providing methods for evaluating defensive security controls and identifying areas of vulnerability. Additionally, a framework like MITRE ATT&CK can give the organization a full security view, ensuring a comprehensive strategy is in place. Such resources provide useful information for security teams, but the manual processes still needed to execute tests and map them to active detections from existing SIEM, EDR or other tools is too time consuming for many security operations centers (SOCs) to conduct effectively. Join Swimlane and (ISC)2 on November 5, 2020 at 1:00 p.m. Eastern as we examine how to do automate testing with a security orchestration, automation and response (SOAR) solution.

    In this session you will:

    · Learn how to automate the testing of your security controls

    · See how SOAR can help you visualize areas of concern with the MITRE ATT&CK dashboard

    · Get an overview of a helpful open-source tool recently developed by the Swimlane Deep Dive Research Team
  • Darktrace #2: Securing the New Normal: Immune System Technology for Cloud & SaaS Recorded: Oct 22 2020 62 mins
    Nabil Zoldjalali, Director of Cloud Security, Darktrace; Brandon Dunlap, Moderator
    As workforces look to remain remote for the long term, the cloud has become ubiquitous. Yet human security professionals relying only on conventional security tools continue to struggle to secure the complexity of today’s hybrid and multi-cloud topologies - in fact, only 22% of organizations feel they have adequate visibility into their cloud applications and infrastructure. Join Darktrace and (ISC)2 on October 22, 2020 at 1:00 p.m. Eastern for a an examination of businesses as they increasingly turn to AI as a uniquely dynamic solution to detect and defend from novel threats that emerge on cloud and SaaS environments – which the global workforce continues to rely on in today’s remote working landscape. The webcast will also explore:

    · Exploration of the latest cloud and SaaS real-world threat trends
    · How Darktrace’s groundbreaking AI Immune System technology keeps pace with the dynamic workforce

    · Case studies and unique threat finds from industry leading customers
  • Netskope 3 - SASE for Data - Data Protection with Cloud DLP Recorded: Oct 21 2020 64 mins
    Greg Mayfield, Sr. Director PMM, Netskope; Brandon Dunlap, Moderator
    Data context is a core principle of SASE and requires visibility of data-at-rest and data-in-motion making Cloud DLP a requirement for thousands of cloud apps freely adopted by business units and users. Here are five areas to consider for your blueprint for data protection.

    •Users and data are increasingly in the cloud and working remote.
    •Data protection focuses on boundary crossings for apps, instances, and activity.
    •Unintentional and unapproved data movement is a leading use case for SASE.
    •DLP is compute intensive and SaaS architecture provides cloud performance and scale.
    •One solution applies DLP to data-at-rest and in-motion with SASE.
  • Netskope 2 - SASE for Users - Securing Remote Workers for Any Device or Location Recorded: Oct 21 2020 53 mins
    Ross Asquith, Product Marketing Manager, Netskope; Brandon Dunlap, Moderator
    Today, many legacy VPN solutions are overwhelmed. The solution is SASE: enabling employees to work from anywhere with a cloud-based combination of Zero Trust Network Access (scalable and fast remote access) and NG SWG (inline cloud and web security). Here are five areas to consider when transforming security to enable working from anywhere:

    •Fixing the poor user experience caused by overloaded VPNs.
    •Preventing lateral movement of malicious actors over VPNs.
    •Using ZTNA to avoid exposing private servers to the Internet.
    •Reducing the complexity of remote access to hybrid cloud.
    •Combining NG SWG with ZTNA to deliver SASE for remote workers.
  • Netskope #1 - SASE at-the-Core - Content and Context with Next Gen SWGs Recorded: Oct 21 2020 56 mins
    Tom Clare, Sr. Product Marketing Manager, Netskope; Brandon Dunlap, Moderator
    Digital transformation is driving the need to review cloud and web use in our organizations. Secure web gateways (SWGs) are now the core of SASE architecture to provide content and context for granular policy controls for apps and web. Here are five areas to consider for your SASE blueprint. Over half of SWG sessions are now cloud apps and services.

    •Web filtering needs to advance to decoding cloud app traffic inline.
    •The allow/block model no longer works for cloud, you need to manage risk.
    •Appliance limitations are being replaced with cloud native platforms.
    •Performance matters to avoid security trade-offs.
  • Ransomware: New Variants & Better Tactics to Defend & Defeat These Threats Recorded: Oct 20 2020 58 mins
    Mike Zuckerman, Consulting Sr. Product Marketing Manager, Infoblox; Brandon Dunlap, Moderator
    Ransomware continues to be an ongoing threat to organizations of all sizes that must defend against. Successful attacks have caused a large increase in overall ransomware incidents. Join Infoblox and (ISC)2 for the latest research on the emergence of Qakbot InfoStealer, the Return of Emotet, Vidar InfoStealer, and much more. We’ll also examine how Ransomware as a service continues to grow, the tactics threat actors are using to be successful and what can you do differently to better defend against them. Key takeaways will include:

    · New and recently emerged malware variants and trends

    · How these differ from other variants we have seen in the past

    · What defensive tactics work, and what has failed in the past

    · What the state of ransomware looks like
  • Swimlane #1: Five SOAR Use Cases to Address Analyst Burnout Recorded: Oct 8 2020 61 mins
    Julie Rockett, Sr Prod Marketing Mgr, Swimlane; Jay Spann, Technical Prod Marketing Mgr, Swimlane; Brandon Dunlap, Moderator
    A recent study revealed how security orchestration, automation and response (SOAR) can deliver impressive gains in your security operations center's (SOC) efficiency, productivity, and consistency within a relatively short time-frame—11 months or less on average. But, how do you get there, and what SOAR use cases can lead to these remarkable gains? Join Swimlane and (ISC)2 on October 8, 2020 at 1:00 p.m. Eastern for a pragmatic approach to automation and orchestration as we dig into the use cases where organizations are seeing significant impacts in their SOCs. We’ll also examine:

    •Typical challenges that SOAR platforms address.


    •Five SOAR use cases that can be used immediately to alleviate analyst burnout and provide more effective use of existing tools.


    •How to further increase the ROI of a SOAR platform with robust reporting and metrics.
  • Chronicle #2: From EDR to XDR: Evolving Security Analytics to Keep Pace Recorded: Oct 1 2020 60 mins
    Ansh Patnaik, Product Marketing; John McGovern, Customer Experience Engineer; Brandon Dunlap, Moderator
    The XDR technology ecosystem promises a new level of cyber security visibility, improved detection and active protection against modern threats. The full telemetric value of XDR platforms, however, may not be realized without rethinking security analytics. Join the Google Cloud Security team for this webcast to learn more about the dimensions of modern security analytics that will enable you to fully unleash your XDR investment.
  • Ransomware Deep Dive: Examining Disturbing Ransomware Trends Recorded: Sep 29 2020 59 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    Successful ransomware attacks are at an all-time high. And so is the number of organizations paying ransoms to recover their data. But why? And what can smart IT security teams do to mitigate the risks of falling victim? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key findings from CyberEdge’s 2020 Cyberthreat Defense Report. In this webinar, we’ll:

    - Examine disturbing ransomware trends, by country and by industry
    - Postulate why more organizations are paying ransoms
    - Underscore the importance of investing in your company’s “human firewall”
    - Review technologies to help give security teams the upper hand
  • Chronicle 3:Detect Everything: Bringing Google Scale Threat Detection to the SOC Recorded: Sep 28 2020 63 mins
    Ansh Patnaik, Product Marketing; Svetla Yankova, Head of Customer Experience Engineering; Brandon Dunlap, Moderator
    Skillful threat detection and investigation starts with a diverse hub of security telemetry to draw from. The Chronicle platform allows security teams to cost effectively store and analyze petabytes of security data in one place and perform investigations in seconds. Now, Chronicle brings Google-scale threat analysis to your SOC with the debut of its detection engine, Chronicle Detect, fully equipped with ATT&CK reference rules, an integrated detection-based rules language, and intelligence from Chronicle’s elite threat research team. In this webcast, we’ll examine what’s new in Chronicle and see the detection engine in action with a live demo.
  • Blackberry #3: Preparing for the Future of Work Recorded: Sep 25 2020 55 mins
    Ebudo Osime, BlackBerry, Threat Intelligence Analyst
    Part three will examine how a Zero Trust security strategy built on AI-based security technologies could better prepare you to face the modern threat landscape. We will walk through some current, pervasive threats to gain a better understanding of why and how the unique features of AI-driven technologies are better suited to prevent, detect, and respond to them.
  • Blackberry #2: Combating Cyber Chaos with Unified Endpoint Security Recorded: Sep 25 2020 55 mins
    John McClurg, CISO, BlackBerry (formerly Cylance)
    In Part two, we’ll discuss strategies for securing remote workers using Zero Trust. As millions of us have grown accustomed to and continue working from home, the delineation between work and home has become increasingly porous. Devices – no matter the environment in which they are situated – must be secure without any performance trade-offs. We will explore how emerging solutions like continuous authentication and unified endpoint security that leverage AI, machine learning, and automation could play a critical role in deploying a robust Zero Trust security framework to secure all devices – anytime, anywhere.
  • Blackberry #1: Zero Trust Framework: What’s the Best Approach to Implement It? Recorded: Sep 25 2020 56 mins
    Rich Thompson, VP of Sales Engineering, BlackBerry (formerly Cylance)
    In this first part, we’ll explore the important preliminary questions about whether Zero Trust should be a priority for your organization and provides guidance on defining trusted users and devices, and how to integrate identity and network. It will address how to build a business case for Zero Trust, addressing business drivers such as cloud environments and business continuity needs.
  • Darktrace #1: Securing the New Normal: Cyber AI for Email Recorded: Sep 24 2020 55 mins
    Dan Fein, Director, Email Security Products, Darktrace; Brandon Dunlap, Moderator
    The future of work remains unpredictable and uncertain. More than ever before, business leaders need to remain confident that their operations can continue securely. However, 94% of cyber-threats still originate in the inbox, and ‘Impersonation attacks’ that expertly mimic the writing style of trusted contacts and colleagues are on the rise. Humans can no longer distinguish real from fake on their own – businesses are increasingly turning to AI to distinguish friend from foe and fight back with autonomous response. . Join Darktrace and (ISC)² on September 24, 2020, at 1:00 p.m. Eastern for expert insight into how cyber AI is the only tool that can keep pace with the rapidly evolving threat landscape facing organization’s inboxes every day. The webcast will examine:

    · Exploration of the most recent email threat trends and statistics

    · Overview of Darktrace’s latest developments to secure the email environments of the dynamic workforce

    · Case studies and use cases from industry leading customers
  • ExtraHop #1: Unlocking the Ultimate Source of Truth in the Cloud—Network Data Recorded: Sep 24 2020 58 mins
    Guy Raz, Sales Engineer, ExtraHop; Dan Frey, Sr Product Marketing Mgr, ExtraHop; Brandon Dunlap, Moderator
    Learn how virtual taps from AWS, Azure, and Google Cloud enable NDR solutions to help secure cloud environments with agentless and immutable monitoring and threat detection capabilities. Invisible to attackers, NDR solutions sit out of band and analyze network traffic streams to provide crucial information about devices, users, and potential attacks that other security tools simply can’t. Join ExtraHop and (ISC)2 to examine how best-of-breed NDR also augments security personnel visibility into SSL/TLS 1.3 encrypted traffic and ML-driven threat detection that alerts only on items that matter while providing intelligence to remediation and forensic workflows.
  • ExtraHop #3 How CrowdStrike & ExtraHop Help Augment Security for AWS Deployments Recorded: Sep 23 2020 61 mins
    Chase Snyder, Product Mgr, ExtraHop; Stefan Avgoustakis, Sr Solutions Arch, AWS; Dixon Styres, Solutions Arch, Crowdstrike
    Learn how the integration of ExtraHop Reveal(x) 360 and CrowdStrike Falcon helps security teams detect and respond instantly to sophisticated attacks including network privilege escalation, lateral movement, suspicious VPN connections, data exfiltration and more. The joint solution provides powerful endpoint security and automated remediation of threats while discovering vulnerabilities arising due to the remote workforce shift and increased hybrid cloud adoption.
  • ExtraHop #2: Packets: Defending the AWS Cloud with Network Detection & Response Recorded: Sep 17 2020 59 mins
    Jeff Deininger, Principal Sales Engineer, ExtraHop; Brandon Dunlap, Moderator
    The playing field between attackers and defenders is not level, and it’s only becoming more unbalanced because of the complex, layered nature of attack surfaces in the cloud. Attackers can launch millions of arrows and only need one to find its target, while security teams must stop every attack. And when those attacks are successful, more than half of all data breaches take months to discover, and the average time from detection to containment is 279 days. Join ExtraHop and (ISC)2 and learn how access to packets in the cloud helps security teams move beyond a protect-and-prevent mindset and adopt a detect-and-respond posture that reduces dwell time and slashes time to contain.
(ISC)2 Security Briefings - In-depth examination of infosec topics.
(ISC)2 Security Briefings brings attendees multi-part series on cutting edge infosecurity topics that gets deeper into the subject matter and technologies presented by subject matter experts.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Swimlane #2: SOARing Beyond Expectations - Automating Atomic Red Team Testing
  • Live at: Nov 5 2020 6:00 pm
  • Presented by: Julie Rockett, Sr Prod Marketing Mgr, Swimlane; Jay Spann, Technical Prod Marketing Mgr, Swimlane; Brandon Dunlap, Moderator
  • From:
Your email has been sent.
or close