Live Webinar | How Security Automation Can Help Organisations Mature Their SOC Capabilities
A recent Gartner market guide* recommended that security leaders should consider Security Automation, Orchestration and Response (SOAR) tools to improve security operations efficiency and efficacy, but also stated that only 5% of organizations are using such tools today.
A barrier to adoption can be a lack in maturity around security operations and incident response processes. In order to take full advantage of SOAR tools, different functions inside the security team need to think about how they can standardize their processes and procedures to meet common use cases. Some common examples here could include, incident response (IR) playbooks to address specific threat types such as ransomware, phishing, DDOS and threat hunting scenarios where multiple threat intelligence feeds are combined with SIEM data to trigger hunting workflows, and the day-to-day business of the SOC, where automation can assist in triage and time management for security analysts.
This webinar, co-hosted by IBM Security and EY, will discuss best practice around standardizing these different security playbooks and implementing automation use cases to deliver most efficient and effective security operations processes.
*(Market Guide for Security Orchestration, Automation and Response Solutions, Gartner, June 2019)