Building an Effective Security Operations Center
Date and time
Location
Sheraton Valley Forge Hotel
480 North Gulph Road, King of Prussia, PA 19406
Description
As the cyber landscape continues to evolve, organizations are constantly struggling to keep the lights on while defending against advanced persistent threats. Many IT teams base their program on compliance, but miss some of the fundamental blocking and tackling steps necessary to keep your company out of the news. Join us for this half-day event, including lunch, to dive into some of the more complex tasks necessary to build an effective Security Operations Center (SOC) capability. From the users, to the systems, to the cloud, our team will walk attendees through the different challenges and opportunities that arise when trying to build a SOC.
Sessions will include:
- Monitoring and Controlling Your Users
  Most IT teams spend a significant amount of effort focusing on securing network devices, servers, and other infrastructure while ignoring what’s happening with the users on email, shared drives, SharePoint, and other unstructured data. This session will dig into what the users are doing, and demonstrate how you can use Varonis DATAdvantage to monitor who has access to data they shouldn’t, identify and stop user behavior anomalies, identify and block ransomware attacks, and understand what happened to each and every file down to the user level (including who looked at files on shared drives).
- Building Your On-Premise SIEM
  There are so many different software solutions that most security analysts and system administrators don’t have the time to monitor each device individually. Centralizing logging from multiple systems into a single pane of glass for reporting and alerting can reduce the need for staff and the time it takes to identify an intrusion from days to minutes. Using IBM QRadar as an example, this session will illustrate how to centrally correlate system logs, NETFLOW, VFLOW, cloud systems, vulnerability scanning, and user behavior analytics into a single platform as the backbone for a security operations center.
- Staffing and Managing Your SOC
  Finding the right security personnel can be difficult and expensive. Furthermore, most companies don’t know the right balance of skills that are needed to quickly sift through all the noise and defend against legitimate attacks. This session will review the types of skills required, what you can expect to pay, options for outsourcing, and the types of dashboards and reporting you need to build an effective SOC.
- Watching Your Cloud
  You have moved workloads to the cloud and think you’re off the hook for security… think again. While your provider may be managing some things, if you aren’t vigilant about watching and protecting the remainder, you could still be at risk. This session will cover what you can expect from your provider, the fine print you need to review before signing on with a provider, and how to monitor and control your cloud systems.
Seats are limited and registration is required. We hope you can join us on March 15th!