SOC Masterclass - On Demand

SESSIONS

WHAT TO LOOK FOR IN A SOC LEADER

Speakers: Adam Drabik, CISO, CyberProof & Matt Prezbindowski, Vice President CISO Infrastructure & Operations at State Auto Insurance

Running the organization’s cyber defense operations requires a leader with the experience and skills to provide technical guidance to security leadership and to motivate the security operations team.

But what are the exact traits and scenarios security leaders will be looking for when hiring a SOC leader? Those looking to further their career or improve their SOC leadership skills should attend this session.

BUILDING A MODERN SOC

Speakers: Chris Crowley, SANS Senior Instructor at SANS Institute & Ben Chant, Cyber Security Evangelist at CyberProof

Are you looking to build or mature your SOC? Unique challenges in 2021, such as remote working practices and new technologies, have driven nuances in how to set up and optimize Security Operations functions.

In this session, we’ll go through the essential steps involved in planning the teams, processes, and technologies that make up a modern SOC, including:

  • Functional design of a SOC
  • Business alignment
  • Operational processes
  • Staff
  • Key metrics

This session will also feature a short breakout activity for attendees to work together and test their knowledge.

OBTAINING ACTIONABLE THREAT INTELLIGENCE THROUGH AUTOMATION 

Speakers: Orel Pery, Cyber Threat Intelligence Team Leader, CyberProof & Dov Lerner, Security Research Lead, Cybersixgill

Not all threat intelligence is created equal. Having the right people and processes in place is part of the solution to turn generic insights into targeted intelligence. But in order to collect, normalize and analyze the vast amounts of data available to us quickly, we need to bring in the power of automation as well. 

Orel Pery of CyberProof’s Cyber Threat Intelligence (CTI) team, together with Dov Lerner, will explore several scenarios on how to integrate automation into your CTI processes. She will discuss how to provide actionable threat intelligence to security operations teams from different sources - including the dark web - for faster, more effective incident response.

PLANNING A THREAT HUNTING PROGRAM 

Speakers: Aviel Golrochi, Threat Hunter Team Leader, CyberProof & Howard Silverman, Head of Marketing, CyberProof

Threat Hunting has become an essential discipline for security operations teams, due to the persistence of attackers in evading perimeter controls and moving laterally within the network. So how can you integrate this capability efficiently into your SOC?

In this session, we’ll provide practical tips, techniques and a proven methodology that your analysts and threat hunters should use. We'll explore how to identify threats covering everything from developing hypotheses and locating infection evidence across environments to providing indicators for attack detection and mitigation strategies.

OPTIMIZING YOUR AZURE SENTINEL PLATFORM

Speakers: Saggie Haim, Cloud Security Architect at CyberProof & Javier Soriano, Senior Program Manager, Azure Sentinel at Microsoft

Many organizations with investments in Azure are naturally looking to integrate Azure Sentinel and customize it for their unique needs. But those with complex, hybrid environments, or with large volumes of data and legacy technology stacks find it difficult to focus more of their time on enabling Azure Sentinel's advanced capabilities for more proactive, measurable threat management. 

In this session, Saggie Haim will be joined by Microsoft's Azure Sentinel expert, Javier Soriano, to show you what you can be doing now to further your cloud-native threat detection and response maturity.

In this workshop, you'll learn how to:

  • Adopt an agile process for threat hunting with KQL query tricks
  • Create KPI-driven reports you never thought you could have
  • Optimize log ingestion and retention process and costs 
  • Enrich and correlate events with Watchlists
  • Enable faster deployments and configurations with a CI/CD model

EMPOWERING THE SOC TO DRIVE SECURITY SPENDING

Speakers: Bruce Roton, VP/Global Head of Security Strategy, CyberProof & Ben Chant, Cyber Security Evangelist, CyberProof

SOC teams are being challenged with achieving two objectives – 1) Stay on top of new threats and 2) Cut operating costs. To achieve both, we need to empower the SOC to drive cyber defense priorities rather than being told to monitor what has already been implemented.

In this session, we’ll share a proven framework with real-life examples of how the SOC can drive security spend while continuously adapting their defenses to new threats.

This will include:
  • Getting out of the infrastructure-driven approach
  • Aligning Risk and SOC teams
  • Real-life examples of how the SOC can align spend to threat coverage

This session will also feature a short breakout activity for attendees to work together and test their knowledge.

UNDERSTANDING AND MANAGING OT SECURITY RISK 

Speakers: Jaimon Thomas, Global Head, Security Solutions & Services, CyberProof & Rani Kehat, CISO, Radiflow

As security leaders plan their roadmap for OT Security, it’s important to understand how the Security Operations Center (SOC) will need to adapt their processes to OT-related environments. In this session, we’ll focus on what the top priorities should be for organizations looking to protect their OT/ICS assets. 

We’ll also hear from the CISO of Radiflow on how he works with organizations to help them understand and manage OT risk.

ENSURING A SUCCESSFUL XDR ADOPTION

Speakers: Omri Shamir, SIEM Engineer, CyberProof & Omri Shmul, Professional Services Engineer, CyberProof

With the adoption of XDR technology, security buyers are looking for clarity on how it compares with its EDR predecessor and how the SIEM and SOAR technologies will adapt to fit the market need of wider visibility.

In this session, we’ll take you through a defined process for evaluating these technologies against common business requirements, including:

  • Data collection and normalization
  • Use Case development
  • Customizing response actions
  • Measuring the success of XDR

RED VS. BLUE: THE IMPORTANCE OF ATTACK SIMULATIONS 

Speakers: Nir Aharon, Incident Response at CyberProof & Aviel Golrochi, Threat Hunter Team Leader at CyberProof

From an operational perspective, running attack simulations enables your cyber defense team members to sharpen their incident management and collaboration skills in detecting and responding to the most likely threats. But how should they be carried out in a typical organization?

In this presentation, Threat Hunter Aviel Golrochi and SOC analyst Nir Aharon discuss the need for and benefits of conducting attack simulations. Aviel will be representing “Blue Teaming” - the defensive side of attack simulations - while Nir will explore “Red Teaming” activities.
