Name: Comment automatiser la réponse à incidents avec Elastic et Swimlane
Start: 2023-05-16T21:12:00Z
End: 2023-05-16T21:12:27.000Z
Location: BrightTALK

At Swimlane, we believe the convergence of agentic AI and automation can solve the most challenging security, compliance and IT/OT operations problems. With Swimlane, enterprises and MSSPs benefit from the world’s first and only hyperautomation platform for every security function. Only Swimlane gives you the scale and flexibility to build your own hyperautomation applications to unify security teams, tools and telemetry ensuring today’s SecOps are always a step ahead of tomorrow’s threats.

Learn more: swimlane.com

Are you struggling to operationalize and enforce the cybersecurity fundamentals? Our research report, "Cracks in the Foundation: Why Basic Security Still Fails," which surveyed 500 decision-makers, reveals a harsh truth. 92% of organizations affected by an incident believe stronger cyber hygiene could have prevented it. 

Tune in as our panel of security experts analyzes the report's key findings and shares real-world tips on: 
- The most common basics that break and tips strengthen these fundamentals such as 
         - Failure to adhere to the common Controls 
         - Phishing awareness training
- Recommendations to overcome process delays that extend vulnerability risk windows. 
- Guidance on how to mature your AI and automation capabilities to improve cyber hygiene. 

Security leaders will gain the strategic roadmap to close the execution gap and transform hygiene into sustained cyber resilience, directly leveraging the operational expertise of the Swimlane SOC.

Fundamentals First: Building a Stronger Cybersecurity Foundation

The question is no longer whether your SOC will leverage AI, but when and how. 

Join Swimlane and TAG Cyber security experts for an AI SOC strategy session that delivers the definitive roadmap for autonomous SOC enablement. 

In this session, you will learn to:

- Define your AI SOC roadmap using the five pillars of autonomous maturity
- Reimagine your workforce by advancing analysts to high-value supervisory roles
- Learn best practices and lessons from Swimlane’s SOC

Plus, see a live demo of Swimlane Turbine’s autonomous SOC capabilities.

The CISO's Guidebook to Autonomous SOC Enablement

Join Ed Amoroso, CEO & Founder of TAG Cyber, and Michael Lyborg, Swimlane CISO, as they discuss how AI can be best leveraged in security operations. 

This in-depth interview is a candid conversation covering a variety of topics:
- AI vs Automation
- AI Applications for SecOps Efficiency
- AI Evolution Redefines Collaborative Security
- How AI Impacts The Next-Gen Of Analysts
- AI Offense Meets AI Automated Defense
- AI: Risk, Opportunity, or Both? A CISO's View

TAG Cyber Full Interview on AI in SecOps

They say those who don't learn from history are doomed to repeat it. In cybersecurity, this rings especially true. The playbook for many of today's most notorious attacks was written decades ago, and the most successful organizations are those that learn from past mistakes—not their own, but those of others.

In this webinar, Nick Tausek, Lead Solutions Architect at Swimlane, will walk through some of the most infamous security breaches in recent history. 

You'll learn:

- The who, what, when, and where of major security incidents, and the surprising similarities between them.
- Actionable insights and best practices for your SecOps team to prevent your organization from becoming a "ghost of incidents past."
- How agentic AI automation can help you defend against these types of attacks and build a more resilient security posture.

Join us to learn how to exorcise the ghosts of incidents past and keep your organization's name out of the history books for all the wrong reasons.

Ghosts of Incidents Past

Are you ready to turn AI commands into automated actions? Swimlane’s latest release transforms Hero AI from an assistant to an active partner. 

Join Swimlane product experts as they demonstrate how Hero AI can find, recommend and execute playbooks to empower security teams to automatically distribute best practices and institutional knowledge amongst their teams. 

In this webinar, you’ll learn how Hero AI helps security teams navigate today's most complex challenges by:

- Executing automations on behalf of security analysts, freeing them to focus on tasks that demand human expertise.
- Significantly increasing analyst productivity and bringing the collective knowledge of thousands of users to every analyst.
- Empowering analysts to use natural language commands to trigger automated playbooks, reducing cognitive load during high-pressure situations.
- Providing guardrails for predictable automation to ensure accuracy, trust, and speed.

This evolution of Hero AI is poised to resolve 99% of Tier 1 SOC analyst tasks, reducing manual effort and analyst burnout while strengthening overall security resilience.

Hero AI: Take AI-Driven Incident Response from Promise to Practice

Ready to uplevel your AI automation capabilities? Join our product experts as they showcase the powerful new features of the Turbine 25.3 release, designed to help you streamline workflows and boost productivity.

In this webinar, the Swimlane product team will walk you through what’s new with Turubine, including: 

- AI Updates: Learn how Hero AI can execute playbooks on demand and leverage its enhanced knowledge of the Turbine platform and cybersecurity for improved product support.
- Turbine Platform Updates: Experience enhanced tenant awareness with persistent identification and seamless switching.
- Playbook Management Enhancements: Redesigned Action Panel for improved navigation in Turbine Canvas, and comprehensive playbook runs filtering for better operational health and analysis.
- Git Integration Updates: Discover how SSH key support enhances compatibility with various Git tools, including Bitbucket and Azure DevOps, providing more flexible authentication and control.
- Personalized dashboards and alerts: Explore a redesigned home page for personalized high-level summaries, interactive dashboards with real-time, flexible filtering by date and customer ID, and email integration notifications for timely alerts and improved customer communication.

You’ll walk away from this webinar with an in-depth understanding of how the 25.3 Turbine release can provide immediate value and increase productivity for your team.

Your Roadmap to Smarter Security: A Deep Dive into the Turbine 25.3 Release

Are you prepared for a new reality in cybersecurity? Recent federal cutbacks to key programs, such as those from CISA, and the disbanding of the Cyber Safety Review Board, are shifting cyber resilience responsibility to the private sector. A new report reveals that 85% of organizations have experienced budget and resource strains in the last six months. It’s time to redefine what resilient security leadership looks like.

Join Swimlane security experts in a panel discussion to learn how to navigate this changing landscape. They will discuss:

- How shifts in federal funding have increased cyber risk exposure for 79% of organizations and hindered threat intelligence sharing
- The impact of budget cuts on security teams, including increased workloads and reduced capacity for threat detection and monitoring
- Tips for organizations to take resilience into their own hands by developing internal cybersecurity frameworks

Shifting Ground: Tips to Adapt Your Security Strategy in an Era of Federal Cyber Cutbacks

The 2025 SANS SOC Survey paints a revealing picture of significant challenges that continue to plague SOC teams worldwide. These include staff shortages, overwhelming data volumes, and reactive workflows. 

Join us on August 21 at 12pm ET to learn practical examples of how AI automation can help overcome these costly challenges, making it a non-negotiable investment. 

You’ll walk away with:
1) Key insights from the 2025 SANS SOC Survey 
2) A CISO perspective on how to overcome common SOC challenges 
3) Technical tips and tricks for using AI automation to improve SOC efficiency

2025 SANS SOC Survey Insights: A Guide to Maximizing Potential

Are you feeling the pressure to do more with less—juggling tool sprawl, alert fatigue, and increasingly sophisticated attacks? Security automation and AI-driven decision support offer a path forward, improving efficiency, accuracy, and response times.
 
Join SANS Instructor Mark Jeanmougin and Swimlane Field CTO Bryon Page for a webcast on how Swimlane is transforming Security Operations Centers (SOCs) with intelligent automation, streamlined incident response, unified visibility, and reporting.
 
Get a real-world demo and practical examples of how to use key aspects of the Swimlane Turbine AI automation platform, including: 

- Low-code automation across your entire security stack
- Generative & agentic AI used in the loop of automation 
- Centralized case and incident management 
- Composable dashboards for the SOC and beyond 

Whether you're a Security Operations leader, automation engineer, or SOC analyst, this session will deliver practical and actionable insights. Don’t miss how Swimlane Turbine turns complex security challenges into repeatable, scalable solutions.

SOC AI Automation Masterclass: How Swimlane Enhances Incident Response & Visibility

The growing complexity and speed of emerging threats continue to pose a significant challenge for MSSPs striving to deliver outstanding services to their clients.

Save your spot for our live event on June 18 at 11am MT as we explore how leading MSSPs can leverage AI automation to reduce alert fatigue, accelerate incident response, and scale operations without overburdening lean teams.

Learn how AI automation can help you: 
1 - Manage costs while delivering efficient service and value
2 - Achieve speed and efficiency with custom workflows
3 - Gain overarching visibility and control while keeping customer data segmented

Whether you're exploring AI automation for the first time or looking to refine your current approach, this webinar will equip you with the insights you need to navigate the journey with confidence.

5 Ways MSSPs Can Outpace Threats & Competitors with AI Automation

Is your GRC team stuck in spreadsheets for compliance? You are not alone. 71% of companies risk failing cyber audits due to fragmented workflows and manual evidence collection. This inefficiency drains resources and also introduces significant errors into your audit process. 

It's time to move from spreadsheet chaos to GRC clarity. Join Swimlane CISO and Head of GRC in a moderated panel as they discuss:
1 - Research insights and real-world perspectives on current GRC audit processes 
2 - Tips and tools to streamline audit evidence-gathering 
3 - Stories and lessons learned about GRC and security collaboration 

Don't miss this opportunity to discover how to transform compliance chaos into GRC clarity and restore confidence in your audit readiness.

From Spreadsheet Chaos to GRC Control: Tips to Transform Compliance Audits

Automation and AI are hot topics; their need is obvious, and every cybersecurity vendor, from hyperautomation to SOAR to XDR or even SIEM, claims to have what it takes to automate enterprise security operations. So what makes Swimlane Turbine different from other security “AI automation” platforms? 

Bring your toughest questions about the AI automation vendor landscape and join Bryon Page, Swimlane Field CTO, for an honest look (we promise to leave the marketing speak at the door) at what it takes to ensure your security automation investment is successful.

Join this webinar to learn more: 
1 - Strategic considerations for selecting the right security automation vendor 
2 - Signs that your automation needs are expanding and evolving
3 - A high-level demo of Swimlane Turbine

Automation Showdown: Swimlane vs The Rest

Just as Blue Angels pilots must navigate chaos and make split-second decisions to avoid severe risks, cybersecurity professionals face a similar reality. Overwhelmed with alerts, data, and sophisticated attacks, the stakes are high, and the margin for error is razor-thin. Attackers only need to be right once; YOU must be right every time. 

Join a discussion with former Blue Angels Commander David "Mongo" Koss, former United States Marine Corps Marine Raider/Gunnery Sergeant and CISO Mike “77” Lyborg, and moderated by Tony “Tigger” Thompson where you’ll gain: 

1) Battle-tested strategies for conquering your chaos 
2) Tips for building resilience in high-pressure environments
3) Real-life examples of how to lead your team through cybersecurity turbulence 

Cybersecurity can be chaotic, but we're here to help you take control.

Turn Cockpit Chaos into Cybersecurity Precision: Blue Angels-Inspired Tactics to Gain Control

Discover the value of Swimlane Turbine AI Automation for Analysts in this demo led by Swimlane Consulting Engineer Thomas Keck. This video provides an overview of how soc analysts can utilize Swimlane Case Management and Hero AI, the leading private agentic AI SecOps companion.

The Value of Swimlane Turbine for Analysts

Watch Janne Nyman, Field CTO, in this demo as he explores the advanced capabilities of Swimlane Turbine Case Management. Discover how over 100 customizable fields and cutting edge AI capabilities provide your team with the functionality and reporting necessary for a modern Security Operations Center (SOC).

Swimlane Turbine Advanced Case Management

Join Bryon Page, Swimalne Field CTO, to learn about the value of Swimalne Turbine AI Automation for CISOs. This brief demo video provides an overview of business use cases for security operations, compliance audit readiness, and vulnerability response managemen

The Value of Swimlane Turbine for CISOs

Join Chris Phillips, Southeast Consulting Engineer, as he kicks off a four-part series about EDR Alert Triage. This 5-minute video is part one and focuses on defining the EDR alert triage process, including common customer challenges and problems related to manual triage. 

Stay tuned for the rest of the series to see how Swimalne Turbine applies AI automation to save time and speed MTTR EDR alerts.

Part 1: EDR Alert Triage Challenges

Join Gavin Coulthard, Sr. Solutions Architect, to see how easy it is to ingest information from Ransomware Live into Swimlane Turbine dashboards to easily see:

1 - Ransomware victims by country
2 - Alerts overtime
3 - Which ransomware groups are involved 

With Swimlane Turbine, you can drill into specific ransomware events and trigger notifications when incidents have occurred to speed MTTR.

How to use Swimlane Turbine to Reduce Ransomware Risk

A partir d'une alerte d'authentification suspicieuse, nous allons vous montrer comment la solution Swimlane peut s'intégrer dans votre écosystème afin d'automatiser la collecte d'IOC et accélérer la réponse à incident. Au travers de cette démonstration, vous verrez comment Swimlane peut:

• exploiter la solution ElasticSearch afin d'obtenir plus de contexte par rapport à une alerte
• automatiser l'enrichissement de l'alerte avec des outils de CTI tel que Recorded Future et des outils RH.
• orchestrer la réponse à incident avec notre outils de "case management"

Comment automatiser la réponse à incidents avec Elastic et Swimlane

SOAR

Security Automation

Cyber Security

IT Security

Security Operations

SecOps

Incident Response

Cyber Incident Response

Threat Defence

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Comment automatiser la réponse à incidents avec Elastic et Swimlane

Presented by

About this talk

Swimlane