Designing an Effective SOC - Part II How to Build an Efficient & Effective SOC

Today’s SOC models provide two options: build a labor-intensive in-house SOC or outsource to an MSSP. In Part-1 of this two-part series Larry Ponemon shared how dissatisfied security professionals are with the inefficiencies found in both models. Now in Part II, Chris provides a practical guide for designing a new modern SOC model that combines humans and machines to deliver more efficiency and ROI.

In this talk we’ll discuss:
*Blueprint for designing a modern SOC
*Using software to increase efficiencies and improve morale
*Covering more event data without breaking the bank
*Validating ROI to senior executives and the board
Recorded Apr 16 2020 41 mins
Presented by
Chris Calvert

  • Finding Real Security Threats in Your Data within the MITRE ATT&CK Framework Recorded: May 21 2020 16 mins
    Jim Van De Ryt, Solutions Architect
    The MITRE ATT&CK Framework has become the standard knowledge base for helping Security Operations Centers (SOC) manage threats and malicious activity. However, as organizations leverage and adopt MITRE, SOCs continue to struggle with the detection of real and malicious activity threatening their environments.

    Respond Software offers the Respond Analyst, a fully automated monitoring, detection and investigation solution that is providing SOCs with comprehensive visibility and control in relation to the MITRE ATT&CK Framework. Join this webcast to learn how the Respond Analyst is leveraging the MITRE ATT&CK Framework to:

    •Detect threats using “integrated reasoning” from multiple security sensors
    •Reduce or eliminate the need to chase false positives
    •Scope multiple events into a manageable number of incidents that SOC teams can remediate

    This webcast will also feature a live demonstration.
  • What is a Next Generation MSSP? Recorded: May 14 2020 33 mins
    Travis Abrams, Principal of CyberPeak Solutions & Mike Epplin, Solutions Architect at Respond Software
    As the cybersecurity threat landscape becomes more complex, organizations are struggling to keep their data and applications secure. Many are considering the use of Managed Security Service Providers (MSSP) to help them address the myriad of security issues and events they are tasked to manage. However, finding the right MSSP partner is not always a straightforward or simple endeavor.

    Organizations must consider many alternatives when deciding on an MSSP, including:
    -What are the typical cybersecurity challenges that small to medium businesses face and how are they being addressed by MSSPs?
    -How can these organizations afford to hire an MSSP within the constraints of a tight budget?
    -What attributes do organizations need to consider when evaluating an MSSP and what kinds of benefits should an organization expect from them?
    -What does a next-gen MSSP look like and why is that important?

    Join this webcast and learn how CyberPeak and Respond Software are answering these key questions in helping you find the right cybersecurity partner for you.
  • Security Leaders: Optimize Your Security Operations Budget Recorded: May 12 2020 50 mins
    Brett Wahlin, CISO of Amazon Prime Video and Chris Triolo, VP of Customer Success at Respond Software
    Security leaders often get caught up in the chase for the newest technology investments but may struggle to maximize the cybersecurity operations budget. So, how do you ensure you are selecting the right tools to optimize your security spend?

    Join Respond Software as we host a live chat with Brett Wahlin, CISO of Amazon Prime Video. Brett will share the best practices he applied to lead security operations at a number of organizations, including Staples, HP and Sony. Hosted by Chris Triolo, VP of Customer Success, get the definitive roadmap for everything you need to maximize your security operations budget.

    This live chat will answer how to:

    - Identify the big security budget categories for CISOs
    - Justify spend on new technologies and evaluate solutions to find the right fit
    - Build ROI models for cybersecurity
    - Shift budget between CapEx and OpEx
    - Support organizational shifts to support new priorities
    - Capture the biggest opportunities for cost savings

    Join us here on BrightTALK on May 12 at 6 pm ET. You don’t want to miss it!
  • Integrated Reasoning - Reducing Risk and False Positives by 10x Recorded: May 4 2020 10 mins
    Chris Calvert, VP of Product Strategy & Co-founder
    In this deep dive, Chris Calvert provides a detailed explanation of how the Respond Analyst's Integrated Reasoning Engine corroborates the likelihood that a security event is malicious, thereby escalating only the critical incidents and reducing risk and false positives by 10x.

    Follow along as Chris dives into how the Respond Analyst:

    -Identifies events of interest from existing data sources (SIEM, Data Lake, or Sensor)
    -Gathers initial evidence from identified systems and system information and accounts
    -Infers the relevance through company context (IPs, Critical Assets, Whitelists, etc.) and threat intelligence
    -Reasons through weighted evidence and probabilistic models
    -Builds cases for incident prioritization and escalation
  • Automating SecOps - Monitoring & Triage for EDR Events Recorded: Apr 21 2020 11 mins
    Tim Wenzlau, Product Manager and Mike Reynolds, Product Marketing
    Endpoint Detection and Response (EDR) provides security organizations with highly accurate, detailed, low-level OS information, by way of tens of thousands of events per day. EDR is a key piece of an optimal security posture; however, monitoring requires deep OS and security expertise to achieve a quick and effective response. Many organizations have Tier 1 analysts swiveling between consoles, generating manual queries, and incorporating other context and security events, a method that often leaves security teams with more alerts than they can manage.

    By automating the monitoring & triage of EDR events with Robotic Decision Automation (RDA), security teams can focus on their response actions and other areas that reduce business risk.

    In this session, you'll learn how Respond Software uses RDA to enhance EDR data by:

    - Monitoring attacks in real time
    - Eliminating false positives using probabilistic models
    - Leveraging multiple security data sources and automated analysis
  • Designing an Effective SOC - Part II How to Build an Efficient & Effective SOC Recorded: Apr 16 2020 41 mins
    Chris Calvert
  • [Series] Designing an Effective SOC - Part I Economics of Security Operations Recorded: Apr 14 2020 38 mins
    Dr. Larry Ponemon and Dan Lamorena
    Ponemon Insights - Despite significant investments in 2019, half of the security managers in the survey report that their SOC is ineffective at detecting attacks. What’s keeping us stuck? In Part One of this two-part series, Larry Ponemon joins Respond Software to discuss the most recent Ponemon Report findings, new insights into the economics and effectiveness of SOCs.
    In this first installment of the webinar series, learn which variables of the SOC contribute to overall ineffectiveness and worsening ROI, and explore new methodologies that address those issues. Key topics:
    -Cost comparison of In-house SOC vs. Outsourced SOC
    -The cost of skill attrition and hiring
    -Alternative solutions
  • Balancing the Security Workforce Recorded: Mar 25 2020 56 mins
    Diana Kelley | Chris Calvert | Larry Whiteside, Jr. | Gary Hayslip
    The world needs more people in infosec. There are currently about 2.8 million cybersecurity professionals, but roughly 4 million more are needed to close the skills gap.

    So, how are organizations addressing this shortage? What are some of the things organizations are doing when it comes to attracting and retaining cybersecurity talent while also balancing the workload for the security teams they already have?

    Join today's episode to learn more about the challenges and solutions when it comes to balancing the security workforce.
    - Security skills shortage: Myth vs. Reality
    - Top challenges for security teams
    - Addressing burnout and analyst fatigue
    - How machine learning can help
    - Areas where people are better than AI
    - Building a security culture
    - Removing obstacles and attracting new talent

    This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.

    Panelists:
    - Chris Calvert, Co-Founder & VP Strategy at Respond Software
    - Larry Whiteside, Jr., Veteran CISO & Cybersecurity Thought Leader; Co-Founder & Interim President - ICMCP
    - Gary Hayslip, CISO, Softbank
  • Fintech CISO Shares 5 Tips: How Kyriba Automated SecOps Recorded: Mar 12 2020 36 mins
    Eric Adams, CISO and Kevin Bailey, Dir. of Global Security @ Kyriba
    Build a world-class security operation with a lean, nimble team.

    When security leaders are asked to ‘do more with less’, their choices are 1) reduce their team size 2) think out of the box 3) find a new job. The team at Kyriba chose option #2.

    Join Eric Adams, CISO at Kyriba and Kevin Bailey, Director of Global Security at Kyriba, as they discuss their journey in re-thinking and re-building their security operations program to both extend their capability and make a big improvement to the bottom line. We'll share how Kyriba’s team optimized resources with a SaaS-based security program built with decision automation and key integrations while adhering to the strictest compliance standards in the world.
  • Finding Incidents Using Web Filtering Data Recorded: Mar 5 2020 14 mins
    Tim Wenzlau, Product Manager, Mike Reynolds, Product Marketing Manager
    Web filtering data can be a treasure trove of threat activity (PUPs/PUAs). The challenges with finding these threats come from the vast volume of sensor data. PUP malware beaconing signals may or may not occur at regular intervals and a human security analyst can't be expected to keep track of all the web requests generated by a single host for an hour, let alone a day or a week. The solution to this challenge is Robotic Decision Automation, which can consider over 60 factors specific to web filtering data when identifying malware and other malicious activity. 

    Key takeaways from this webinar:
    -Web filter data volume is no longer an issue for monitoring
    -Monitoring HTTPS traffic reduces Mean Time to Respond (MTTR)
    -The Respond Analyst is the first solution that allows for real-time analysis and triage of web proxy data


    The Respond Analyst integrates with leading web proxy vendors: Palo Alto Networks, Symantec, McAfee, Cisco, Forcepoint, Carbon Black and ZScaler.
  • Designing an Effective SOC - Part II How to Build an Efficient & Effective SOC Recorded: Feb 20 2020 42 mins
    Chris Calvert
  • Taking the Soreness out of SOAR Recorded: Feb 19 2020 7 mins
    Tim Wenzlau and Mike Reynolds, Respond Software
    Respond Software is announcing the integration of the Respond Analyst with SOAR solutions from Demisto (Palo Alto Networks), Phantom (Splunk) and Security Operations (ServiceNow). The Respond Analyst from Respond Software enables organizations to unlock the true value of their SOAR deployments by managing the up-front analysis of events before they are passed to the SOAR system. Learn how the integration of the Respond Analyst and your SOAR can help you reduce attack dwell time, speed up remediation, and reduce cost.
  • [PANEL] Proactive Security Strategies and Best Practices Recorded: Feb 11 2020 60 mins
    Roselle Safran, Sean Webb, Michelle Drolet & Chris Calvert
    In today’s business landscape it is important to take a proactive approach to security rather than a reactive approach. Join leading security experts as they discuss the safest ways to protect your organisation in 2019 and beyond.

    Join this Q&A panel to learn more about:

    - Key organisational benefits to practising proactive security
    - Technologies powering security
    - Best practices and recommendations for a more secure organization

    Speakers:
    Roselle Safran, President, Rosint Labs (Moderator)
    Sean Webb, Information Security Manager, Patriot One Technologies Inc.
    Michelle Drolet, CEO & Co-Founder, Towerwall
    Michelle McLean, VP Marketing, StackRox
    Chris Calvert, VP of Product Strategy, Respond Software
  • [Series] Designing an Effective SOC - Part I Economics of Security Operations Recorded: Feb 4 2020 39 mins
    Dr. Larry Ponemon and Dan Lamorena
  • Finding Incidents Using Web Filtering Data Recorded: Oct 29 2019 15 mins
    Tim Wenzlau, Product Manager, Mike Reynolds, Product Marketing Manager
  • Fintech CISO Shares 5 Tips: How Kyriba Automated SecOps Recorded: Oct 22 2019 37 mins
    Eric Adams, CISO and Kevin Bailey, Dir. of Global Security @ Kyriba
  • Automated Security Analysis for Palo Alto Networks customers Recorded: Sep 19 2019 63 mins
    Mike Epplin and Mike Reynolds
    Turn your Palo Alto Networks data into actionable security escalations. Monitor, analyze and triage Palo Alto Networks NGFW, Traps and Cortex security data with software, not people.
  • The Respond Analyst - MITRE ATT&CK™ Use Cases Recorded: Sep 5 2019 15 mins
    Chris Calvert, VP of Product Strategy
    Deep dive into how the Respond Analyst makes decisions and escalates security incidents across MITRE ATT&CK™ framework.
  • Security Operations is broken. What can we do about it? Recorded: Aug 28 2019 12 mins
    Chris Calvert
    There’s a lot of talk about how things keep getting worse for security operations. The attacks keep coming—and they’re more dangerous, more frequent, and more successful than ever before. The reality is that we’ve been saying this every year since security operations became a part of enterprise IT. The balance of power has never favored the defenders. Only now, with the advent of decision automation and security analysis software, has it become possible to envision a real shift in power.
  • Respond Analyst - Dynamic Scoping and Prioritization Recorded: Aug 15 2019 3 mins
    Chris Calvert
    Considering and correlating new security alerts as they become available helps the Respond Analyst make better decisions faster, so security teams dramatically reduce their time to respond.
Respond Software
Respond Software redefines Security Operations with the first security expert system, The Respond Analyst.

The Respond Analyst acts as a ‘virtual analyst’ for front-line security monitoring. It comes out of the box with the human-like reasoning and decision-making skills required to monitor complex, high volume data sets. Now with automated probability-based reasoning (built into the Respond Analyst) our customers no longer have to filter, tune-down or ignore security alerts. Their security team’s effectiveness is maximized, and they now spend time on more critical projects, like threat hunting and building more automation.

  • Title: Designing an Effective SOC - Part II How to Build an Efficient & Effective SOC
  • Live at: Apr 16 2020 3:15 pm
  • Presented by: Chris Calvert