Name: Now on Now: Lessons learned from evolving our own SOC
Start: 2021-04-08T16:00:00Z
End: 2021-04-08T16:00:26.000Z
Location: BrightTALK
Rating: 4.5

Transform your security operations the same way you are transforming your business with automation, AI, context, and collaboration between security, IT, and risk teams. You can identify, prioritize, and respond with agility to evolving cyber threats. We can also help you get proactive to improve your security by systematically hardening and reducing your digital attack surface and optimizing and orchestrating your security operations.

In a time of rising cyber-threats, security operations teams need tools to identify, analyze and report hazards pending further investigation and resolution. By integrating performance analytics into our Security Operations solution, ServiceNow helps stakeholders make faster, more informed decisions.

Harnessing the power of Performance Analytics for Security Operations

In an era of evolving cyber threats, ServiceNow’s DLP Incident Response app enables you to manage and protect sensitive, proprietary information— from financial and health records to Social Security numbers. Learn to respond to and remediate data loss when you join our upcoming webinar. Our speakers will discuss: 
- Integrating with third-party DLP solutions for a unified view of incidents  
- Monitoring and assigning incidents to the appropriate end user 
- Tracking DLP incident, false positive, and remediation trends

Increase visibility & accelerate response to threats with DLP Incident Response

Enterprises are enthusiastic about the MITRE ATT&CK Framework, a behavioral-based threat model, and how it can help enable thinking “like the enemy”—stitching together cyber-attack kill chains and visualizing adversarial tactics.

However, while many security tools provide basic MITRE ATT&CK support, SOC teams still find it hard to operationalize the framework into processes for incident detection, security engineering, and threat hunting and response. Your security orchestration, automation, and response (SOAR) tools can help, but only if they’re tightly integrated.

Join our webinar on integrating the MITRE ATT&CK Framework with SOAR, as we discuss:

- The key requirements you will need for this integration
- The benefits you can gain by including MITRE ATT&CK data into incidents/observables
- Creating custom dashboards and runbooks
- Gaining an intuitive visualization of attack campaigns and adversarial behavior

The MITRE ATT&CK Framework and SOAR: Better Together

How SOAR Saved the Day; A Guide to Modernising Your Security Solutions

According to Gartner by year-end 2022, 30% of organisations with a security team larger than five people will leverage SOAR tools in their security operations, up from less than 5% today. The almost overnight migration to a virtual employee workforce has tasked Security and IT teams to deliver and secure digital transformation at lightning speed. This was not an easy task for teams already stretched thin and juggling multiple tools and limited resources.

With the volume of threats in mind and the scaling that needs to happen overnight for these teams, security orchestration and automation (SOAR) solutions are critical for their success.

In this session, we will discuss:
- How automating workflows can help ensure that threats to your business are resolved before they can impact the business and your employees
- The impact of the pandemic on security solutions, and why SOAR is so important now than ever before
- The importance of automation and orchestration in the new normal

How SOAR Saved the Day; A Guide to Modernising Your Security Solutions

In today's fast-paced digital landscape, adopting cutting-edge technology is vital for business growth. To ensure operational continuity and minimize cyber risks, you need robust best practices for managing vulnerabilities in both IT and OT infrastructure. Discover how critical infrastructure companies are staying ahead by leveraging cloud solutions across IT, OT, and IoT Enterprise. Learn firsthand how these companies accelerate their digital transformation and fortify cyber security using the powerful ServiceNow platform.

Deliver Cyber Resilience across manufacturing and critical infrastructure

The modern enterprise still relies heavily on technology deployed in traditional infrastructure and virtualized environments. But as organizations invest in cloud capabilities, and development teams adopt containerized deployment methodologies, the cloud native enterprise is already here. According to a report from Sysdig, nearly 75% of containers have high or critical vulnerabilities and 83% of images that run in production containers have at least one patchable vulnerability. Today, Security teams must be able to handle the complexity of container security and cloud security posture management on top of their traditional infrastructure and security hygiene concerns. Join Karl Klaessig and Julian Azaret for a discussion on how to secure this new cloud native enterprise, and how ServiceNow can help unify your security workflows across cloud, container, and traditional infrastructure.

Securing the hybrid enterprise

Today, it takes 277 days on average to identify and contain a data breach. In other words, cyberthreats are growing in both frequency and severity. It’s no longer enough to meet them with a reactive, disconnected response.  
ServiceNow experts will lead this exploration into how businesses like yours can break down silos across IT, security, and risk, to build a more effective, collaborative cyberthreat response, with Enterprise Case Management.  
Watch our webinar to discover how to transform your security operations with three core pillars:  
 - Expediting incident triage and prioritization  
 - Responding to cyberthreats faster with centralized operations  
 - Scaling team capacity and resources through automation

Drive Cyber Resilience with Enterprise Case Management

Risk insights can help utilize your teams limited capacity and scale to not only more quickly prioritize new vulnerabilities, but also to determine who should respond, how best to respond, and in what order. With little time and few resources to waste, the question is "how do I get it right the first time?" ServiceNow's Risk-based Vulnerability Management solution, ServiceNow Vulnerabillity Response, has proven its value in hundreds of deployments. 

Join our vulnerability experts to review best practices and to learn about our Top 10 Value Drivers for real customer situations.

Risk-Based Vulnerability Management in Action

Do you know which assets in your organization are threatened? Are there gaps in your coverage?

To best answer these questions, register now for Know which assets are protected and which are at risk with ServiceNow. At this webinar, you’ll learn about ServiceNow’s new, end-to-end application, ServiceNow Security Posture Control (SPC). Part of the ServiceNow Security Operations suite, SPC unifies attack surface coverage data, shows the highest risk gaps, and identifies the owners who can remediate these risks.
Gopi Krishna Boyinapalli, Senior Staff Inbound Product Manager at ServiceNow, will explain how SPC:
 
- Provides full detection, response, and compliance
 - Integrates with risk and vulnerability solutions to view compliance status
 - Ensures accurate risk scores

Keep your organization ahead of security threats. Sign up for this webinar today

Know which assets are protected and which are at risk with ServiceNow

The MITRE ATT&CK framework is a knowledge base of cyberattack tactics and techniques used as a foundation for the development of specific threat models and methodologies. Proactively hunt for threats and stay ahead of adversaries with ServiceNow's Security Incident Response and the MITRE ATT&CK framework. 

Learn how you can empower your incident response teams to know each attacker’s tactics and techniques for the incident under investigation to quickly prioritize and manage detection and response procedures and reduce attack surface.

Unify Detection and Response with MITRE ATT&CK

Proven frameworks offer reliable structure for maturing security programs.

Join this discussion to learn how you can most efficiently adopt the NIST CSF and RMF frameworks or the CIS Top 20 Controls. We'll present coverage, fine-grained alignment, and quick time-to-value examples based on the ServiceNow Security and Risk portfolio with other ServiceNow and ecosystem products.

Best Practices in Adopting NIST and CIS Control Frameworks

Many organizations and their security teams are overwhelmed trying to keep up with vulnerabilities and cyber threats. Not only is prioritization a challenge, but many teams depend on point tools and cumbersome, labor-intensive processes—while dealing with staff shortages and lack of advanced skills.

The solution is to harden the attack surface to thwart attackers. Join us for Mind the gap: How ServiceNow helps organizations find, prioritize, and manage vulnerable assets, and gain a successful, proactive security program. Spend an hour to learn how ServiceNow’s Vulnerability Response can help your organization:

- Reduce exposure to vulnerabilities
- Gain greater visibility and intelligence—and shorten time to resolution
- Improve threat detection, automate workflows, enhance collaboration, and boost productivity
- Be sure to attend—and take important steps to manage vulnerabilities across your enterprise.

Hosted by:
Karl Klaessig, director of product marketing, security operations, ServiceNow
Mike Plavin, senior technical product marketing manager, security operations, ServiceNow

Mind the gap: How to find, prioritize, & manage vulnerable assets

A brief demonstration of ServiceNow's Security Operations suite, illustrating how it can help get work done in security and beyond. Through the context of a major security incident, we explore Security Orchestration Automation and Response use cases, hardening attack surfaces through vulnerability remediation workflows, collaboration with IT, and evaluating readiness to combat advanced persistent threats.

Transform security operations with the ServiceNow platform

In this video, Leo Sequeira from the ServiceNow Customer Outcomes team discusses how Vulnerability Response and the CMDB complement one another as he answers some of the more common questions and concerns he's heard from customers.

Vulnerability Response & CMDB

In an era of evolving cyber threats, ServiceNow’s DLP Incident Response app enables you to manage and protect sensitive, proprietary information— from financial and health records to Social Security numbers. Learn to respond to and remediate data loss when you join our upcoming webinar. Our speakers will discuss: 

- Integrating with third-party DLP solutions for a unified view of incidents  
- Monitoring and assigning incidents to the appropriate end user 
- Tracking DLP incident, false positive, and remediation trends

Join us as we explore how you can dramatically improve enterprise security through cross-team collaboration that connects the incident response and vulnerability response processes to the rest of the enterprise. In addition, learn how ServiceNow Security Operations solutions help you gain the insight and visibility you need, into the most critical areas of your infrastructure, to accelerate response time to threats and reduce risk.

Transform enterprise security with enterprise-wide collaboration and visibility

Protecting enterprises today is defined by your ability to stay ahead of threats, which requires integrating vast numbers of security tools, correlating key enrichment data, and developing the right workflow and playbooks. You’re also on the hook for delivering the analytics executive leadership requires for assessing your organization’s security posture. Otherwise, you’re sitting exposed to the next big attack. At ServiceNow®, we’ve faced and overcame these challenges.

Join this session to see how we used our own history and expertise in empowering enterprise cyber-defense, maturing teams, and scaling the Security Operations Center (SOC). You’ll get insights and lessons learned on how our ServiceNow SOC analysts used ServiceNow Security Incident Response (SIR) to:

- Protect our organization—one of the fastest growing SaaS companies out there
- Provide the performance metrics you need for assessing your SOC’s capacity and maturity
- Gain insights into threat impacts and risks to effectively evolve your security team and response workflow

Now on Now: Lessons learned from evolving our own SOC

ServiceNow

ITSM

IT Security

SecOps

SaaS

Incident Response

Threat Assessment

Cyber Security

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Join this new, vibrant community to learn and connect with top thought leaders, startups and banks who are disrupting the financial services industry. Keep up with the latest news and trends in Fintech and take part in lively debates on topical issues and challenges.

Fintech

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Finance

Get powerful operations insights for your business. Connect with experts and colleagues to get the most up-to-date knowledge on which systems and processes are driving operational efficiency, maximizing value and customer success.

Operations

In the business management community, commercial experts will be sharing webinars and videos on an array of subjects. From sales and marketing, to finance, productivity and growth, this content will help you stay up-to-date with the current economic environment and provide timely management insight to drive business growth.

Now on Now: Lessons learned from evolving our own SOC

Presented by

About this talk

More from this channel