Name: 5 steps to building an effective SOC optimization program
Start: 2021-11-03T17:00:00Z
End: 2021-11-03T17:00:25.000Z
Location: BrightTALK
Rating: 4.5

Cymulate exposure management and security validation drives continuous threat exposure management programs and supports both the technical and business requirements of scoping, discovery, prioritization, validation, and mobilization.

Proactively validate your enterprise's SIEM and SOC by launching controlled attacks in a quick, simple, and scalable manner.

Live Demo - SIEM & SOC Validation

Just as application development requires quality assurance and regression testing to deliver usability and function without defects, cybersecurity demands its own quality program to maintain strong defenses. Threats evolve, and your attack surface sees continuous change, so security teams face a constant challenge to identify weaknesses, prevent drift, and strengthen overall resilience. 

Join this webinar to learn how exposure management evolves security operations with continuous security and exposure validation that: 
- Test controls and response capabilities 
- Correlates vulnerabilities, weaknesses, and gaps with active threats and mitigating controls 
- Benchmarks cyber resilience and strengthens your overall security posture.

Security Validation: Your Security Program Needs QA & Regression Testing

Security leaders recognize that the pattern of buying new tech and the frantic state of find-fix vulnerability management is not working. Rather than waiting for the next big cyberattack and hoping they have the right defenses in place, security leaders are now more than ever implementing a proactive approach to cybersecurity by taking action to identify and address security gaps before attackers find and exploit them. 

Cymulate presents its 2024 State of Exposure Management & Security Validation report with key insights gathered from more than 500 customers in the practice of exposure validation correlating vulnerabilities, threats and controls. 

Join this webinar to learn more about the key findings and participate in the discussion of the report and its key findings in the areas: 
- Top threats, vulnerabilities targeted & cyber resilience 
- Most common security weaknesses and gaps from poor configuration 
- Security control effectiveness

Cymulate Research: 2024 State of Exposure Management & Security Validation

Today’s cloud security recognizes that breaches are inevitable. 

You need defenses to identify attacks accurately and contain the threat. That’s the role of cloud detection engineering. Join this webinar to dive into real-world scenarios that improve your cloud security posture through applied concepts of the assumed breach mindset that combines visibility, advanced detection analysis, robust identity and access policies, segmentation, and continuous security assessments to validate controls and responses. 

Register now and explore the concepts of detection engineering that you can apply to your cloud security program.

Cloud Detection Engineering: Adopting an Assumed Breach Mindset - IST

Cloud Detection Engineering: Adopting an Assumed Breach Mindset

December's Threat Research Lab Update explores well-understood attack tactics and methods that are getting new life breathed into them in current attack campaigns.

December Threat Research Lab Update

November's Threat Research Lab Update explores well-understood attack tactics and methods that are getting new life breathed into them in current attack campaigns. 

Each month, Mike DeNapoli, Cybersecurity Architect, and Dan Lisichkin, Threat Intelligence Expert & Infosec Researcher dive into the attacker tools emerging as the most prolific and highest risk in the threat landscape. We'll showcase a few that stand out from our continuous examination of the threat landscape and research performed by our highly experienced and diverse researchers. We'll evaluate how these tools work, the phases of intrusion, the threat actor profile (who did it, motivations, origin, why they chose their targets), and how the attack propagated. Furthermore, we’ll provide clear demonstrations of how we detected and replicated the attack propagation using the advanced capabilities of the Cymulate platform.

November Threat Research Lab Update - Everything Old is New Again

From military exercises to politics to video games, whenever there is any form of formal conflict, teams get stronger when they understand how the other side operates – their strategies, tactics, and core strengths. 

This session will give blue team members information and tips and tricks for breaking out of the confines of defensive thinking to better visualize and simulate threat activity from the threat actor point of view. 

- High-level review of how threat actors tend to operate 
- Visualization of infrastructure and systems as seen by a threat actor 
- Differences between different types of threat actors (lone wolves, small gangs, organized groups, state sponsored activity, etc.) 
- Myths of how threat activity happens commonly held by defenders

Saltt Technologies Webinar: Thinking Like An Attacker

This session will demonstrate the core capabilities of Cymulate Breach and Attack Simulation; including Web Gateway, Email Gateway, Immediate Threat, and Endpoint Security testing assessments.

Demo - Cymulate Breach and Attack Simulation. Part 1

Red teaming is a complex operation that is highly specific to the individual environment(s) in which each exercise is run.  A single wrong move can have significant impact on business operations and revenue generation, or produce misleading or incorrect results or both.  In order to avoid these negative outcomes, many organizations automation have limited the use of automation in red team operations.  However, modern tools and platforms can be used successfully and safely to automate many components of red team operations, such as discovery and probing, without incurring risk.  This allows the red team staffers to accomplish more with the same number of people and still reduce the rate of burnout common to the industry.  This webinar will speak to methods which can be used to safely automate major components of red team exercises without incurring risk, while still seamlessly integrating into the manual operational phase of the exercises themselves.

Red Teaming – Automate What You Can

With hundreds of thousands of potential vulnerabilities to be dealt with at any time, how can organizations define which should be addressed first?  This webinar will provide guidance and ideas on how to gauge not only the priority of patching and upgrading, but also to map out the urgency of performing those remediation actions – and how these may be two extremely different things for each vulnerability discovered.

Urgency vs Priority in Vulnerability Management

As the knowledge and expertise of an organization’s cybersecurity people, process, and technology evolves, keeping these questions in mind can be a major help to keeping that growth on track: 

1 – Where are we at this point in our cybersecurity maturity? 
2 – Where can we move to proactivity without sacrificing reactivity?  
3 – How can we more fully integrate business leadership into the cybersecurity process? 
4 – What challenges and roadblocks are continuing to surface? 
5 – What should be integrated into the next cycle of review and action?

Five Questions to Ask as You Evolve Threat Exposure Management

Each month, we'll dive into the attacker tools emerging as the most prolific and highest risk in the threat landscape. We'll showcase a few that stand out from our continuous examination of the threat landscape and research performed by our highly experienced and diverse researchers. We'll evaluate how these tools work, the phases of intrusion, the threat actor profile (who did it, motivations, origin, why they chose their targets), and how the attack propagated. Furthermore, we’ll provide clear demonstrations of how we detected and replicated the attack propagation using the advanced capabilities of the Cymulate platform.

Cymulate Threat Research Lab Update: September 2023

“The Bake It Off” Webinar Builds a New Level of Trust With Security Product Evaluation Through Attack Simulation. 

What’s the count on your security tool choices? 

No single person could inspect all of them and make an informed choice about which tool is the best for their organization. 

The Bake it Off webinar walks you through independent assessments with Breach and Attack Simulation (BAS) that works with your time, budget, and team right now.  

Put your tools to the test within your production environment to see how they react to simulated attacks.  

Watch how to use BAS for a fair and targeted bake-off that validates each tool that meets your needs.

Overwhelmed by the Sheer Number of Security Tools?

Extended BAS modules: WAF, Full Kill-Chain Scenarios, Data Exfiltration, and an overview of custom templates for all modules

Demo - Cymulate Breach and Attack Simulation. Part 2

CSPM (aka cloud security posture management) is only a partial solution for cloud exposure management. Identifying misconfigurations in the cloud is a critical step to discover security weaknesses, but assessment data often includes hundreds of potential weaknesses without context to actual risk. Cloud misconfigurations require validation to confirm breach feasibility and prioritization that considers compensating controls and business impact. 

Attend this webinar to learn how security leaders are implementing Cymulate in their exposure management programs to strengthen their cloud security resilience and reduce risk. Experts from Cymulate will model the Cymulate Exposure Management Platform to achieve: 

- A risk-based view of cloud security posture 
- A risk-profiled cloud asset inventory, attack surface, and validated attack paths 
- Program baselines and executive communication for cloud deployments 

Cymulate will also demonstrate the recent updates to its Breach and Attack Simulation Advanced Scenarios solutions for a threat-informed defense for cloud infrastructure. With the expansion of cloud and Kubernetes scenarios, Cymulate BAS Advanced Scenarios provides security leaders and teams with the security validation critical to managing the security posture for cloud infrastructure.

Additional Resources:
https://cymulate.com/resources/application-cloud-security-validation/
https://cymulate.com/solutions/cloud-security-validation/
https://cymulate.com/schedule-a-demo/
https://cymulate.com/blog/the-power-of-validating-detection-in-kubernetes/

Pushing New Boundaries for a Threat-Informed Defense for Cloud

From military exercises to politics to video games, whenever there is any form of formal conflict, teams get stronger when they understand how the other side operates – their strategies, tactics, and core strengths. 

This session will give blue team members information and tips and tricks for breaking out of the confines of defensive thinking to better visualize and simulate threat activity from the threat actor point of view.  

- High-level review of how threat actors tend to operate 
- Visualization of infrastructure and systems as seen by a threat actor 
- Differences between different types of threat actors (lone wolves, small gangs, organized groups, state sponsored activity, etc.) 
- Myths of how threat activity happens commonly held by defenders

Think Like an Attacker

Preventive security controls are insufficient to protect an organization effectively. They have to work in tandem with detection, threat hunting, and incident response capabilities.
Companies that take a proactive stance to defend their critical assets rely on the people, processes, and technologies that go into their SOC to detect and thwart malicious activity.
This creates the demand for ongoing optimization in the face of a dynamic threat landscape.
Attend this session to learn:
·        How to apply MITRE ATT&CK in the detection development process
·        How to develop and validate detections in an environment that lacks homogeneity 
·        How to leverage automation and build a continuous program of SOC validation

5 steps to building an effective SOC optimization program

MITRE ATT&CK

Threat Analysis

Threat Hunting

Continuous Security Validation

SOC Validation

Breach and Attack Simulation

Incident Response

Vulnerability Intelligence

Cyber Security

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

5 steps to building an effective SOC optimization program

Presented by

About this talk

More from this channel