Name: 7 Steps to Automating Threat Detection and Analysis
Start: 2019-10-08T19:00:00Z
End: 2019-10-08T19:00:44.000Z
Location: BrightTALK
Rating: 5

Swimlane is the leader in AI-enabled, low-code security automation. Swimlane unifies security operations in-and-beyond the SOC into a single system of record to reduce process and data fatigue while quantifying business value and security effectiveness. The cloud-scale Turbine platform combines human and machine data into actionable intelligence for security leaders.  For more information, visit swimlane.com.

Imagine if GPS only showed major roads. You might get a sense of where to go, but you’d miss important details like traffic jams or road closure. 

While operational, the same holds true for case management offered by most security automation or SOAR platforms: You have some information but are missing the ability to drill into the details to determine the best path forward. It’s not good enough. 

See what dynamic case management looks like in our live demo webinar on Wednesday, April 17th at 1 pm ET. In the 30-minute webinar, we’ll show you how Swimlane Tubine’s Case Management: 

-Enhances visibility by showcasing all relevant event details without the need for manual investigations
-Analyzes & enriches case data with the context needed for intelligent incident response 
-Automates the correct remediation action in just one click, reducing MTTR by 50%

Don’t settle for “good enough” case management. Register now! 


Speaker: Steve McGee

With more than 25 years in the IT industry, Steve McGee emerges as a seasoned professional in security automation and SaaS solutions. Currently working as a Senior Sales Engineer at Swimlane, Steve helps organizations tackle their security challenges.

Throughout his professional journey, Steve played pivotal roles, notably contributing to ExtraHop Networks and Tyler Technologies. He has a knack for using technology to solve real-world problems.

Beyond tech, Steve is known for effective communication and relationship-building. His commitment to delivering solid results in various technical settings aligns with a broader approach to thought leadership.

Steve's story shows how technology makes a real difference in dealing with the challenges of today's IT world.

Top Case Management Capabilities Every Analyst Needs

The attack surface and telemetry sources will forever grow. Threats will rise in sophistication. Security professionals are always racing against machines. This is where "good enough" automation falls short because it can't keep up ⸺ it will never be good enough.

See firsthand the difference between good enough and great security automation by joining us for a live demo of Swimlane Turbine on March 21 at 1 pm ET. 

During the demo, we’ll show how Turbine combines the power of AI, automation, and low-code to revolutionize SecOps fundamentals and outcomes.  

-240% ROI with a platform that serves your security system of record
-Infinite integrations with API on-demand
-Automate at the scale of 25M actions per day, 10x faster than anything else

About the Presenter: 
Bryon Page, Field CTO, Swimlane
Bryon is the Field Chief Technology Officer at Swimlane, leveraging over 15 years of experience in the cybersecurity space. Known for his thought leadership, Bryon collaborates with global companies to enhance organizational security. His consultative approach to addressing business-critical challenges encompasses a wide range of products and services, including endpoint security, IDS/IPS, DLP, encryption solutions, proxy, malware analysis and sandboxing, EDR, CASB, and SIEM. Renowned for his proficiency in security automation, Bryon ensures that Swimlane remains at the forefront of technological innovation in the cybersecurity domain. He holds a bachelor's degree in Computer Science and is a proud veteran, having served in the United States Marine Corps.

Elevate Security Automation with Turbine

Welcome to a new era of SecOps!

Swimlane sets a new SecOps paradigm by building the world’s most capable automation engine and most flexible user experience. With the introduction of its latest innovations, Hero AI and Turbine Canvas, Swimlane Turbine is the first and only AI-enabled, low-code security automation platform that is the system of record for the entire security organization.

Join Swimlane product leaders David Irwin and Sri Hary Vengadasubbu for a live demo and presentation of Turbine’s latest developments.

In this webinar, see how Turbine will help you:

Make AI-augmented decisions while protecting all sensitive data with Swimlane's private LLM
Generate complex Python scripts in seconds through the Text-to-Code Chatbot
Categorize and prioritize issues more efficiently with AI Case Summarization
Build a playbook 3 x faster with Turbine Canvas

Meet Turbine's Innovations: Hero AI and an Ultra-Simple Playbook Builder

2024 is ripe with potential and brimming with challenges. The cybersecurity landscape continues to rapidly shift between technological evolution and sophisticated threats. Are you ready for this new era in cybersecurity? 

Join us for a webinar where executives from Swimlane share key predictions, emerging trends, and strategic insights for 2024, including:
  
-A world where AI is a new reality & its future in cybersecurity
-Maximizing efficiency in a “do more with less” environment
-The need to leverage security automation that goes beyond the SOC  
-Best practices for adapting to smarter cybersecurity threats 

Don't miss out on this chance to learn from experts and equip yourself with the knowledge needed to navigate this new era of cybersecurity. Register now!

Executive Panel: Predicting A New Era for Cybersecurity in 2024?!?

With the volume and velocity of attacks against them growing, the need to secure cyber and physical systems has never been greater. As a result, IT and OT professionals are increasingly turning to powerful new tools – like low-code security automation – to protect even the most vulnerable organizations.

You’re invited to a special conversation with Ian Anderson, Sr. Manager Enterprise Security and Monitoring as we explore lessons learned from OG&E’s automation journey, including:
- How to assemble a winning team of automation experts
- Determining which processes are the best candidates for automation
- Selecting the most appropriate set of tools
- Taking a threat-centered strategic approach
- Striving for a culture of continuous improvement

Join us to learn how you can leverage low-code security automation to ensure the protection of your organization’s critical infrastructure.

Protecting Cyber and Physical Systems with Low-Code Security Automation

Linux has risen to become one of only a few truly global go-to operating systems. Unfortunately, its growth in adoption has also attracted a growing number of attackers – and an expanding ecosystem of threats. That’s why Vali Cyber is redefining Linux security by combining its new ZeroLock platform with the power of Swimlane’s automation.

Join experts from Swimlane and Vali Cyber to explore the power of our partnership and demonstrate:
- The simplicity of integrating ZeroLock and Swimlane via their APIs
- How your team can save time by automating the enrichment of threat intel
- How you can leverage AI/ML techniques to detect, and recover from, attacks
- The amount of time you can save your team by automating Linux and cloud security

We look forward to seeing you.

Linux Security that Actually Works with Vali Cyber and Swimlane

The job of a SecOps professional has traditionally been plagued with time consuming (and frustrating) manual activity.  Fortunately, low-code security automation can drastically reduce the energy and effort needed to secure even the most complex organizations.  Moreover, recent advances in this technology mean that tasks and alerts that once took hours to finish, can now be completed automatically in mere seconds.

During the webinar we will explore:
- How to integrate and automate virtually any tool in your security stack
- How to easily create workflows and playbooks with visual, drag-and-drop tools
- Why manual alert review and legacy SOAR products just aren’t up to the challenge
- How you can improve key metrics like MTTD and MTTR without any additional hiring

Join Swimlane Automation Evangelist, Jay Spann, as we show you how you can rapidly automate even the most complex SecOps processes.

How to Automate Your Security Operations in 10 Mins or Less

Le travail d'un MSSP n'a jamais été aussi difficile. Alors que les surfaces d'exposition des organisations s'étendent, les outils et les environnements requis pour les protéger deviennent de plus en plus complexes. Heureusement, il existe des process et des technologies telles que l'automatisation de la sécurité low code qui peuvent aider les MSSPs à rationaliser et à améliorer leurs services de sécurité.

Au cours de ce webinaire, nous vous montrerons comment vous pouvez :
• Intégrer et automatiser pratiquement n'importe quel outil de sécurité de votre portefeuille de solutions
• Réduire considérablement les efforts manuels grâce à des workflows et des playbooks faciles à créer
• Créer un système central qui permet d'établir; de personnaliser et d'automatiser les flux de travail et de répondre rapidement aux incidents de sécurité
• Améliorer vos services sans embauche supplémentaire

Rejoignez les experts de Swimlane et Hermitage Solutions pour découvrir comment vous pouvez utiliser l'automatisation de la sécurité low code pour rationaliser et renforcer vos services de sécurité.

MSSPS, Améliorez Votre Efficacité Grâce à l'Automatisation de la Sécurité

The need to secure cyber-physical systems and critical infrastructure against cyberthreats has never been greater.  As the volume and velocity of attacks against industrial organizations grows, security teams often specifically struggle to protect their operational technology (OT) environments.  Fortunately, IT and OT professionals have an increasingly powerful set of new tools – like low-code security automation – that they can turn to for help keeping their organizations safe.

Join OT and cybersecurity automation experts from Nozomi Networks and Swimlane as we explore:
●   How companies can prepare for the continued convergence of OT and IT
●   Top cybersecurity threats and challenges facing cyber-physical systems
●   The role security automation and asset management can play in providing efficient, effective protection
●   Key facets of a new cyber-physical security automation ecosystem

Register for this special session to learn more about practical steps you can take today to secure your OT and IT assets from the rising tide of cyberthreats.

This webinar is also available in French. Register here: https://www.brighttalk.com/central/account/19313/channel/17794/talk/594033

Protecting Critical Infrastructure with Low-Code Security Automation

Il n’a jamais été aussi important de sécuriser notre environnement: systèmes physiques et informatiques ainsi que les infrastructures essentielles contre les cybermenaces. Avec l’augmentation du numbre et vitesse des attaques contre les organisations industrielles, les équipes de sécurité ont souvent du mal à protéger spécifiquement leurs environnements de technologie d’exploitation. Heureusement, les professionnels des technologies de l'information (IT) et d’exploitation disposent d'un ensemble croissant d'outils puissants tels que l'automatisation de la sécurité low-code auxquels ils peuvent faire appel pour assurer la sécurité de leurs organisations. 

Nozomi Networks et Swimlane, experts en automatisation d’exploitation et de la cybersécurité couvriront les sujets suivants:

Comment les entreprises peuvent se préparer à la convergence continue des technologies de l’information et d’exploitation
Les principales menaces et défis en matière de cybersécurité auxquels sont confrontés les systèmes physiques et informatiques
Le rôle que peuvent jouer l'automatisation de la sécurité et la gestion des actifs pour offrir une protection efficace et efficiente
Les principaux aspects d'un nouvel écosystème d'automatisation de la sécurité informatique et physique.

Inscrivez-vous à cette session spéciale pour en savoir plus sur les étapes pratiques que vous pouvez entreprendre dès aujourd'hui pour sécuriser vos actifs physiques et informatiques face à la montée croissante des cybermenaces.

Ce webinaire est aussi disponible en anglais. Inscrivez-vous ici: https://www.brighttalk.com/webcast/17794/593685?utm_source=Swimlane&utm_medium=brighttalk&utm_campaign=593685

Protéger les infrastructures en automatisant votre sécurité avec du low-code

Wading through a host of unstandardized cybersecurity acronyms like SIEM, SOAR, and XDR can be tough. In fact, frontline analysts and managers have never had a more difficult time selecting from - and effectively leveraging - the alphabet soup of tools that comprises the enterprise cybersecurity landscape. That’s why the world’s most forward-thinking organizations are adopting modern SOAR platforms to automate time-consuming tasks, unify disparate tools, reduce analyst burnout, and improve their overall security posture.

Join Forrester Swimlane Co-Founder, Cody Cornell, along with Forrester Senior Analyst and special guest Allie Mellen, as they discuss and explore security automation and its place in enterprise cybersecurity.

During this 1-hour session, Allie and Cody will discuss:
- What distinguishes low-code security automation from legacy SOAR
- How you can unify and integrate even the most complex, disjointed tech stacks
- Why selecting a vendor agnostic automation provider is so important
- How SOAR use cases are expanding beyond incident response and the SOC
- Where the market for security automation may be headed next

Modern SOAR and the Alphabet Soup of Cybersecurity

Defending their clients against the modern threat landscape, MSSPs and MDRs are tasked with an unquestionably tough job. Moreover, ensuring client security while remaining profitable can be a tall order given the shortage of qualified talent and seemingly exponential growth in the number of security alerts. To ensure cyber-readiness, responsiveness, and results in the face of these challenges, the world’s most successful managed security companies are turning to low-code security automation.

Join Swimlane and special guests from Ideal Integrations, Mazars, and Unit 221B for a roundtable discussion exploring:
- How to grow your business by 30% (or more) without adding any extra headcount
- The fastest ways to reduce MTTD and MTTR – improving SOC efficiency by 60%+
- New revenue streams that can be tapped by using additional, extensible use cases
- How forward-thinking MSSPs can save an average of 45 minutes per investigation

Elevating Service Provider Performance with Security Automation

While cybercriminals use a wide variety of threat vectors to infiltrate organizations, few are as well known as phishing. Despite great awareness around this type of attack, it remains the #1 cause of breaches. With so many tools and techniques designed to prevent phishing, why does it remain such an intractable problem – and what else can you do to improve your company’s response to this challenge?

Join experts from Swimlane and Mimecast together for a session demonstrating the power of our joint integration, and exploring questions like:
• What can we learn from studying MTTR across phishing attacks?
• Can the right tools actually make a dent in the problem?
• Which other tactics and techniques can be used to prevent phishing?
• How are the world’s most security-forward organizations leveraging low-code automation to improve detection and prevention?

Navigating the Phishing “Golden Hour” with Mimecast and Swimlane

Security automation helps organizations keep pace with alerts, emerging threats, and complex tech stacks and processes. This means that more companies than ever are seeking hands-on operational expertise in the utilization and optimization of these tools.  Recognized for developing innovative cybersecurity services, Unit 221B is quickly becoming a leader in this space.  From blazing fast implementation times to their focus on long-term value and unparalleled customizations, Unit 221B’s clients are realizing incredible results thanks to this winning partnership.

Join Swimlane’s Field CTO, Bryon Page, and Unit 221b’s VP of Security, Andriy Noble as we explore:
- Why Unit 221B chooses to turn the traditional managed services model on its head
- Why Unit 221B selects Swimlane to help address its customers’ most challenging security problems
- How Swimlane’s low-code SOAR helps MSSPs and MDRs maximize profitability and growth
- The tangible benefits organizations who deploy this winning partnership can expect

Unit 221B: Realizing Value in a Flash with Swimlane Security Automation

While first generation SOAR (Security Orchestration, Automation and Response) platforms promised the moon, they often failed to deliver for a variety of reasons.  These tools relied on rigid playbooks, often required extensive development resources, offered poor or non-existent case management features, and were constrained to just a few limited use cases.  With these challenges in mind, independent security automation industry leaders like Swimlane are quickly changing the game.

Join IDC Analyst, Chris Kissel, and Swimlane Co-Founder, Cody Cornell, as they explore the evolution of security automation technology.
During this 1-hour session Chris and Cody will discuss:

- The evolution of security automation technology
- What distinguishes low-code security automation from legacy SOAR
- Why selecting a vendor agnostic automation provider is so important
- How SOAR use cases are expanding beyond incident response and the SOC

Security Automation and The Evolution of SOAR with IDC

As a leader in delivering cybersecurity services, Ideal Integrations is no stranger to solving tough client challenges by partnering with innovative, best-in-class tools and platforms.  So, when it came to choosing a low-code security automation technology partner, it’s no surprise that Ideal Integration’s selected the world’s largest independent SOAR (Security Orchestration, Automation and Response) provider, Swimlane. Whether boosting MTTR by 18x or producing a 90% reduction in tier 1 and 2 tasks, Ideal’s clients enjoy a significant improvement in their security posture thanks to this winning partnership.

Join Swimlane’s Field CTO, Bryon Page, and Ideal Integration’s VP of Security Solutions, Corey Bussard for this joint webinar exploring:

• The obvious (and not-so-obvious) reasons that organizations turn to security automation
• How and why Swimlane differs from legacy SOAR solutions
• How Ideal Integrations is solving its client’s hardest problems with Swimlane
• The benefits that organizations can expect from employing this partnership

How Ideal Integrations Leverages Swimlane’s Security Automation

A partir d'une alerte d'authentification suspicieuse, nous allons vous montrer comment la solution Swimlane peut s'intégrer dans votre écosystème afin d'automatiser la collecte d'IOC et accélérer la réponse à incident. Au travers de cette démonstration, vous verrez comment Swimlane peut:

• exploiter la solution ElasticSearch afin d'obtenir plus de contexte par rapport à une alerte
• automatiser l'enrichissement de l'alerte avec des outils de CTI tel que Recorded Future et des outils RH.
• orchestrer la réponse à incident avec notre outils de "case management"

Comment automatiser la réponse à incidents avec Elastic et Swimlane

Combating data loss is an essential mandate for enterprise security organizations. Unfortunately, trends such as hybrid work, regulatory changes, and the proliferation of cloud tools (to name just a few), make effective and efficient DLP more challenging (and time consuming) than ever. Thankfully, by combining the power of low-code security automation with the unsurpassed expertise of an organization like Phoenix Cyber, it’s possible to streamline your DLP processes, reduce the risk of data loss and achieve greater peace of mind.

Join Swimlane’s Tim Davidson and Phoenix Cyber’s Tom Goetz as they discuss and demonstrate:

• Why low-code security automation is the perfect enabler of DLP
• How you can rapidly integrate any tool in your security stack
• What sets Swimlane apart from traditional SOAR platforms
• How you can get started on your journey to DLP success today

Achieving Next Level DLP with Low-Code Security Automation

The Future of AI in Security

Machine Learning and AI in a Brave New Cloud World

Network of the Future is Powered by AI: Dartmouth College Case Study

[PANEL] Data Governance & Compliance Strategy in the GDPR Era

Ask the Malware Expert: Ethics in AI

The Role of AI in IoT Security

Applying Machine Learning in Cyber Security

Combining human-centred approaches with AI in information security

Humans vs. Social Engineering, Phishing and Emails

Stop Watching and Start Blocking: Affordable Machine-Learning Enabled Defense

AI in security operations: What we’ve learned so far.

How AI Can Increase the Efficiency of Your SOC

[PANEL] Automating Threat Detection and Response

Keep Your AI Under Control - Governance of AI

Will AI Ever Replace Humans for Automation and Threat Detection?

The Shifting Balance: Expertise, Automation and the Future of Cybersecurity

Work Smarter: Effective Ways to Address the Cybersecurity Workforce Shortage

Presenter error - do not use

[PANEL] Human and Machine: Security Friends or Foes

The Ethics of Machine Learning and Artificial Intelligence

Human & AI: Security Force at Work

There are numerous cybersecurity tools available to help organizations detect threats. But, this volume creates a number of challenges, including siloed and disparate systems. While these tools are intended to improve the organization’s security posture, many of them require sophisticated staff with complex training to leverage them effectively. Sometimes, even with training, systems generate so many alerts the highly-skilled staff is unable to analyze and respond to real threats in a timely manner. This is not sustainable for even the largest security operations center (SOC). A holistic, automated approach to threat detection and analysis is necessary.


In this webinar, Swimlane’s Josh Rickard will provide seven steps to automate threat detection and analysis that can be used in any-sized SOC. This process enables analysts to stop focusing on detection and focus instead on a proactive SOC model, improving the security posture of the organization and dramatically reducing threat risk. You will learn how to:

- Monitor everything within your security stack;
- Build a system that can automatically detect every form of attack;
- Improve your ability to detect attacks and avoid false positives;
- Detect security threats in real time;
- And more!

7 Steps to Automating Threat Detection and Analysis

Cyber Security

Threat Detection

IT Security

Breach Detection

Disaster Recovery

IT Governance

Risk Management

Incident Response

Security Operations

Cyber Threats

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

7 Steps to Automating Threat Detection and Analysis

Presented by

About this talk

More from this channel