Agenda | November 7, 2024 | 8:30AM - 3:00PM ET
Timeline (EDT) | Session Details |
---|---|
8:30 AM | Welcome & Opening Remarks: Chris Crowley, Senior Instructor, SANS Institute and Independent Consultant, Montance, LLC |
8:50 AM | Session One | AI-Powered SOC: Goodbye to False Promises and False Positives. SOC teams have heard a lot of false promises before—automation that never quite delivers and tools that add complexity instead of reducing it. This session dives into how AI-powered SOC automation is finally delivering on those promises. By eliminating false positives and automatically triaging alerts in minutes, AI is transforming the way SOC analysts work. In this session, we’ll dive into how AI-driven security operations are reducing noise, boosting capacity, and allowing analysts to focus on the real threats that matter. Itai Tevet, CEO & Co-Founder, Intezer |
9:20 AM | Session Two | Why Always-On Packet Capture is a Foundation of Effective Cyber Defense. Protecting critical infrastructure and services from cyber attack, including from Nation State actors, requires rapid incident response to prevent escalation. Drawing on experience with global customers in Defense, Government and Critical Infrastructure, we’ll outline why packet data is critical for effective network security, and how, by combining Endace's always-on, hybrid-cloud packet capture with your SOC and SOAR tools, you can ensure you record the vital forensic evidence your security teams need to respond to incidents faster, and more accurately, without guesswork. Michael Morris, Director of Technology Alliances, Endace |
10:00 AM | Break |
10:15 AM | Session Three | Filling the Gaps: How GenAI Automation Extends SOC Detection Coverage. In today’s SOCs, limited staff and increasing threats make it difficult to keep up with the volume of alerts. GenAI is poised to change that. This session will explore how GenAI automation can improve SOC operations, specifically for detection and response programs. Two GenAI pioneers will discuss how AI augments human analysts and will help SOCs cover a wider range of threats with existing staffing levels. Edward Wu, Founder & CEO, Dropzone AI; Daniel Miessler, Founder, Unsupervised Learning |
10:45 AM | Session Four | WTF is Security Hyperautomation? Most organizations agree: legacy SOAR is overly complex, expensive, and time-consuming. So, what’s the solution? Gartner has identified Hyperautomation as a leading emerging technology and trend in cybersecurity for 2024. But what in the world is Security Hyperautomation? In this session, we will answer all of your Hyperautomation questions and leave you with an understanding of why Gartner has placed SOAR at the bottom of the "Trough of Disillusionment" in their Hype Cycle for ITSM (2024). Bob Boyle, Product Marketing Manager, Torq |
11:15 AM | Session Five | Intelligence-Driven Security Operations: A Turnkey Approach. While many organizations have threat intelligence as part of their security operations program, most struggle to apply it effectively and lack the required resources and expertise to keep up with the latest threat actors and TTPs. In this session, we’ll take a look at how an intelligence-driven approach to security operations can deliver turnkey outcomes with threat intelligence that’s personalized, relevant, and seamlessly embedded. Keith Manville, Senior Security Engineer, Google Cloud |
11:45 AM | Break |
12:00 PM | Session Six | Keynote: Days of Future Past: The Impacts of GenAI on Cybersecurity. Join Rob Lee for an in-depth, hour-long, thought-provoking session on Generative AI and how it is re-shaping cybersecurity and the professionals within it. You'll learn: Rob Lee, Chief of Research and Head of Faculty, SANS Institute |
12:50 PM | Afternoon Kick-off: Chris Crowley, Senior Instructor, SANS Institute and Independent Consultant, Montance, LLC |
1:00 PM | Session Seven | Enabling Unified Network Forensics for Multi-Cloud and Hybrid-Cloud Environments. In this session, we'll discuss why packet capture in the cloud is every bit as important for cybersecurity teams as it is in on-premise environments. We'll demonstrate how you can deploy scalable packet capture in multi-cloud and hybrid-cloud environments. Finally, we'll demonstrate how it's possible to provide full visibility into activity across your entire Hybrid Cloud network from a single pane-of-glass with forensic evidence integrated into your SOC/SOAR workflows and tools for faster, more accurate incident investigation and response. Cary Wright, VP Product Management, Endace |
1:20 PM | Session Eight | Agentic AI-Powered SOCs: Overcoming SOAR’s Unfulfilled Promises. SOAR technologies were meant to revolutionize Security Operations Centers (SOCs), but after three generations, the promise remains unfulfilled. This webinar will show how Agentic AI, a cutting-edge use of generative AI, surpasses SOAR’s limitations by automating complex triage and investigation processes that have long hindered automation. By finally addressing these bottlenecks, Agentic AI fulfills the long-awaited promise of SOC automation, driving efficiency and effectiveness. Key Takeaways: (1) Why SOAR failed to fully automate SOCs. (2) How Agentic AI automates complex investigation processes. (3) The benefits SOCs should expect when using Agentic AI for automation. Shahar Ben-Hador, CEO and Co-founder, Radiant Security |
1:50 PM | Break |
2:05 PM | Session Nine | SOC & SOAR Fireside Chat: Michael Morris, Director of Technology Alliances, Endace; Cary Wright, VP Product Management, Endace |
2:50 PM | Wrap-Up: Chris Crowley, Senior Instructor, SANS Institute and Independent Consultant, Montance, LLC |