The two-day event showcases government, industry, critical infrastructure, operations and research perspectives and is hosted by Johns Hopkins University Applied Physics Laboratory in collaboration with the National Security Agency (NSA) and the Department of Homeland Security (DHS). The goal of the event is to dramatically change the timeline and effectiveness of cyber defenses via integration, automation, and information sharing.
Matt and Tom’s presentation will explore the challenges of creating security automation and orchestration workflows designed to keep up with the rapid pace of cybersecurity, and will share some of the lessons they have learned over the years. The engineering principles they will discuss include:
- Establishing Practical Standard Operating Procedures
- Standardizing Data Collection and Process Outputs
- Assigning the Most-Qualified Owner to Process Workflows
- Implementing Single-Pane-of-Glass Curation from Disparate Security Tools
- Creating a Modular, Templated App Framework
- Automating and Documenting the Automation Deployment Lifecycle
Brian Kafenbaum, Managing Partner of Phoenix Cybersecurity, commented, “As an IACD Integrator, we are excited to share the best practices that Matt and Tom have developed over the years. Our automated apps and architecture allow us to minimize the case management content we gather during the triage process for the large volumes of false positives, but really go deep and thoroughly collect robust data sets from multiple sources for suspicious and confirmed malicious incidents. Delivering this information to security analysts in a curated, single pane of glass allows them to remediate cases quickly and accurately.”
If you have questions or need help implementing Security Orchestration, Automation and Response tools within your organization, you can contact us at firstname.lastname@example.org or visit www.phxcyber.com.
About Phoenix Cybersecurity
Phoenix Cybersecurity is a national provider of cybersecurity engineering, operations, sustainment and managed security services to enterprise and government organizations determined to strengthen their security posture and enhance the processes and technology used by their security operations center. Our team comprises senior cybersecurity consultants and engineers with expertise in architecting results-oriented cybersecurity frameworks and the operational processes to ensure accurate incident detection, enrichment and response. Our unique blend of security automation, orchestration and proven best practices differentiates Phoenix-architected solutions from traditional cybersecurity services. For more information, visit www.phxcyber.com.