SOC Talk: Automation and Visibility for Faster, More Accurate Response

Presented by

Simon Gibson, CISO / Security Architect; Jack Hamm, Principal Information Security Engineer; Graham Melville, Sr. Director

About this talk

Join Jack Hamm and Simon Gibson from the Gigamon SecOps team as they demonstrate how to use automation and visibility to take the boredom out of repetitive tasks. One of the featured use cases will be how to automate tasks to find and block Kaspersky in government organizations.

Security practitioners use a variety of tools and information sources to spot potential threats, evaluate each event and then act to mitigate. They are challenged by limited interoperability between security tools, and the cost of these tools across the network and cloud can be prohibitive.

During this lively webinar, hosted by Security Solutions leader Graham Melville, you will see how Gigamon and the Phantom security automation and orchestration platform can help you reduce mean time to resolution. The team will show how you can provide wider visibility and automate the tasks your security staff repeats on a frequent basis.

Simon and Jack will demonstrate:

• How to generate indicators of compromise to trigger Phantom to execute customized playbooks with specific actions.
• How to automate tasks to find and block the use of Kaspersky in government organizations.
• How to streamline dozens of sources to gain insight into security events.
• How to gain visibility into the necessary traffic from all segments of your networks without buying more security tools.
• How you can reduce the load and turn on more features on your security tools, such as Next Gen Firewalls.

Gigamon offers a deep observability pipeline that harnesses actionable network-level intelligence to amplify the power of observability tools. This powerful combination enables IT organizations to assure security and compliance governance, speed root-cause analysis of performance bottlenecks, and lower operational overhead associated with managing hybrid and multi-cloud IT infrastructures.