GovWare Conference 2021 Full Agenda


Automate SOC Analysis, Not Just SOC Processes

05 Oct 2021
Emerging Security Technology

Organizations can have dozens of layers of security controls. All of those controls create a deluge of events, which human analysts then need to triage. The alerts never stop, and 'alert fatigue' can be a real problem. SOAR, SIEM, and even XDR can help somewhat, but in the end their output is still being processed by an L1 analyst. What if we could take a step in the direction of an autonomous SOC, one where machines perform the tedious and repetitive L1 triage, freeing up L1 analysts to work on the more interesting and challenging work of L2/L3 analysis? It's a win for those analysts and a win for their organization. We'll take a look at Mandiant's Automated Defense, part of the Mandiant Advantage Platform. We'll also share a demo of how an analyst starts with an automated triage report of a fully scoped attack and finishes by validating security control effectiveness against other tactics that actor is known to use, based on threat intelligence.

Steve Ledzian, Vice President, Chief Technology Officer - APAC - FireEye Mandiant