Efficient Triage and Response Using Intelligence-Driven Orchestration

Mixing threat intelligence with orchestration playbooks delivers faster, more effective response

Finding ways to increase speed, accuracy, and efficiency when responding to threats should be the goal of any security team. Baking threat intelligence into the day-to-day efforts of detecting and responding to threats is a great way to see some of these benefits. Going further and leveraging the power of a playbook-driven orchestration platform can dramatically improve efficiency and consistency.

In this webinar, these concepts will be explored with practical guidance on how to use threat intelligence to feed orchestration which in-turn can drive automated triage or defensive actions. The result is a well-oiled machine where analysts can be situationally aware and quickly drive appropriate response to threats.

Available:
Thu, Aug 31, 2017 10:00 AM PDT / 01:00 PM EDT
Duration:
1h 00min

When you attend this webinar, you will:

  • Understand how intelligence can be used to reduce false positives, add context to detections, and provide direction on the most critical events to respond to
  • Know how intelligence should feed into and be fed by incident response activities
  • Recognize areas where orchestration can help automate repetitive analyst tasks
  • Get the basics of how to build an efficient response system that is tuned to your environment

Featured Speakers

  • Travis  Farral
    Travis Farral
    Director of Security Strategy
    Anomali

    Travis Farral is the Director of Security Strategy for Anomali. With over 20 years of security industry experience, he has developed a strong background in threat intelligence, incident response, and Industrial Control Systems security. Previously Travis ran the Cybersecurity Intelligence & Strategic Services team at ExxonMobil and spent several years at companies such as Nokia and XTO Energy.

  • Paul  Davis
    Paul Davis
    VP of Delivery
    Phantom

    Paul is a seasoned IT Security Executive with a global reputation for building organizations and delivering services. He has more than 20 years of experience working with security operations teams and solving security challenges at top companies including EDS, General Motors, GE, Cisco, Dow Chemical, The Washington Post, The United Nations, MCI, Prudential, and Mitsui. Prior to joining Phantom, Paul held a number of senior leadership roles including EDS’ Chief Information Security Officer at General Motors, Chief Security Officer at Dow Chemical, and Director of Security Operations for a major financial exchange. Paul earned a CISSP certification, and is a member of ISSA, IACs, and the MIT Enterprise Forum of Cambridge.

Sponsored By