Today’s security professionals don’t have it easy. When you aren’t fighting the adversaries, you are tasked with planning a sustainable security operations program while navigating the variety of options provided by vendors today. Should your company:
- Start with centralized log management and an incident response retainer?
- Build an in-house SOC with a co-managed SIEM?
- Outsource detection and response via Managed Detection and Response?
In this webcast, you’ll get the latest take from our guest speaker, Forrester principal analyst Joseph Blankenship, who researches Security Analytics platforms, SIEM, and MSSPs, and from two Rapid7 customers. We’ll cover:
- How Security Analytics and SIEM have evolved, along with key buying criteria
- Managed Detection and Response: Are vendors meeting their bold claims?
- Processes: What are surprising time sucks, and what’s ripe for automation?
- Future Investments: Is it Security Automation & Orchestration, or something else?
Principal Analyst, Forrester
Joseph supports security and risk professionals, helping clients develop security strategies and make informed decisions to protect against risk. He covers security infrastructure and operations, including tools for the security operations center (SOC) such as security information and event management (SIEM), security analytics, and security automation and orchestration (SAO). He also covers security topics like artificial intelligence (AI) for cybersecurity, email security, distributed denial of service (DDoS), and network security. His research focuses on security monitoring, threat detection, insider threat, phishing prevention, operations, and management.
Database Administrator, Bow Valley College
James Cairns’ technology background spans over a decade and includes a wide variety of experience, ranging from custom development and administration of complex systems to solution design, integration and implementation. His current focus is on security architecture, risk analysis, mitigation and compliance.
Network and Security Admin, Patagonia
Charles Chastain is currently the Network and Security Administrator at Patagonia. In this role, his primary responsibilities include implementing Cisco network administration and monitoring logs through a SIEM implementation. Charles has worked at Patagonia for more than 10 years, previously holding roles on the IT team. He currently holds SANS GISF, GCIA and GMON certificates.
Sr. Solutions Mgr., Detection and Response, Rapid7
As a solutions manager for Rapid7’s Incident Detection & Response offerings, Eric Sun works closely with Rapid7's penetration testers and managed SOC to help security teams model their programs after the intruder attack chain. He also brings an understanding of behavior analytics and risk management from his many years in Asia as a professional poker player.