This presentation showcased live during the DNIF KONNECT meetup on 19th December 2019. We have our presenter: Ruchir Shah- Account Manager at DNIF, walk us through the importance of SOAR
Some key points discussed during the meetup:
-Understand, what is SOAR.
-The problems a SOAR solution solves.
-Real-time demo by DNIF expert on SOAR.
Watch the full presentation here: https://www.youtube.com/watch?v=bCp-WAs6w5I
From SIEM to SOC: Crossing the Cybersecurity ChasmPriyanka Aash
You own a SIEM, but to be secure, you need a Security Operations Center! How do you cross the chasm? Do you hire staff or outsource? And what skills are needed? Mike Ostrowski, a cybersecurity industry veteran, will review common pitfalls experienced through the journey from SIEM to SOC, the pros and cons of an all in-house SOC vs. outsourcing, and the benefits of a hybrid SOC model.
Learning Objectives:
1: You own a SIEM, but to be secure, you need a SOC. How do you cross the chasm?
2: What are the pros and cons of in-house, fully managed and hybrid security?
3: What considerations go into deciding whether to employ a hybrid strategy?
(Source: RSA Conference USA 2018)
Building a Next-Generation Security Operations Center (SOC)Sqrrl
So, you need to build a Security Operations Center (SOC)? What does that mean? What does the modern SOC need to do? Learn from Dr. Terry Brugger, who has been doing information security work for over 15 years, including building out a SOC for a large Federal agency and consulting for numerous large enterprises on their security operations.
Watch the presentation with audio here: http://info.sqrrl.com/sqrrl-october-webinar-next-generation-soc
Get advice from security gurus on how to get up & running with SIEM quickly and painlessly. You'll learn about log collection, log management, log correlation, integrated data sources and how-to leverage threat intelligence into your SIEM implementation.
It’s a fair question and one that is compounded by the convergence we see happening across many categories within cybersecurity. Security operations teams have a broad spectrum of choices from pure-play security orchestration and automation platforms to traditional SIEMs that are adding orchestration capabilities.
Visit - https://siemplify.co/blog/do-i-need-a-siem-if-i-have-soar/
Cyber Security Trends
Business Concerns
Cyber Threats
The Solutions
Security Operation Center
requirement
SOC Architecture model
SOC Implementation
SOC & NOC
SOC & CSIRT
SIEM & Correlation
-----------------------------------------------------------
Definition
Gartner defines a SOC as both a team, often operating in shifts around the clock, and a facility dedicated to and organized to prevent, detect, assess and respond to cybersecurity threats and incidents, and to fulfill and assess regulatory compliance. The term "cybersecurity operation center "is often used synonymously for SOC.
A network operations center (NOC) is not a SOC, which focuses on network device management rather than detecting and responding to cybersecurity incidents. Coordination between the two is common, however.
A managed security service is not the same as having a SOC — although a service provider may offer services from a SOC. A managed service is a shared resource and not solely dedicated to a single organization or entity. Similarly, there is no such thing as a managed SOC.
Most of the technologies, processes and best practices that are used in a SOC are not specific to a SOC. Incident response or vulnerability management remain the same, whether delivered from a SOC or not. It is a meta-topic, involving many security domains and disciplines, and depending on the services and functions that are delivered by the SOC.
Services that often reside in a SOC are:
• Cyber security incident response
• Malware analysis
• Forensic analysis
• Threat intelligence analysis
• Risk analytics and attack path modeling
• Countermeasure implementation
• Vulnerability assessment
• Vulnerability analysis
• Penetration testing
• Remediation prioritization and coordination
• Security intelligence collection and fusion
• Security architecture design
• Security consulting
• Security awareness training
• Security audit data collection and distribution
Alternative names for SOC :
Security defense center (SDC)
Security intelligence center
Cyber security center
Threat defense center
security intelligence and operations center (SIOC)
Infrastructure Protection Centre (IPC)
مرکز عملیات امنیت
From SIEM to SOC: Crossing the Cybersecurity ChasmPriyanka Aash
You own a SIEM, but to be secure, you need a Security Operations Center! How do you cross the chasm? Do you hire staff or outsource? And what skills are needed? Mike Ostrowski, a cybersecurity industry veteran, will review common pitfalls experienced through the journey from SIEM to SOC, the pros and cons of an all in-house SOC vs. outsourcing, and the benefits of a hybrid SOC model.
Learning Objectives:
1: You own a SIEM, but to be secure, you need a SOC. How do you cross the chasm?
2: What are the pros and cons of in-house, fully managed and hybrid security?
3: What considerations go into deciding whether to employ a hybrid strategy?
(Source: RSA Conference USA 2018)
Building a Next-Generation Security Operations Center (SOC)Sqrrl
So, you need to build a Security Operations Center (SOC)? What does that mean? What does the modern SOC need to do? Learn from Dr. Terry Brugger, who has been doing information security work for over 15 years, including building out a SOC for a large Federal agency and consulting for numerous large enterprises on their security operations.
Watch the presentation with audio here: http://info.sqrrl.com/sqrrl-october-webinar-next-generation-soc
Get advice from security gurus on how to get up & running with SIEM quickly and painlessly. You'll learn about log collection, log management, log correlation, integrated data sources and how-to leverage threat intelligence into your SIEM implementation.
It’s a fair question and one that is compounded by the convergence we see happening across many categories within cybersecurity. Security operations teams have a broad spectrum of choices from pure-play security orchestration and automation platforms to traditional SIEMs that are adding orchestration capabilities.
Visit - https://siemplify.co/blog/do-i-need-a-siem-if-i-have-soar/
Cyber Security Trends
Business Concerns
Cyber Threats
The Solutions
Security Operation Center
requirement
SOC Architecture model
SOC Implementation
SOC & NOC
SOC & CSIRT
SIEM & Correlation
-----------------------------------------------------------
Definition
Gartner defines a SOC as both a team, often operating in shifts around the clock, and a facility dedicated to and organized to prevent, detect, assess and respond to cybersecurity threats and incidents, and to fulfill and assess regulatory compliance. The term "cybersecurity operation center "is often used synonymously for SOC.
A network operations center (NOC) is not a SOC, which focuses on network device management rather than detecting and responding to cybersecurity incidents. Coordination between the two is common, however.
A managed security service is not the same as having a SOC — although a service provider may offer services from a SOC. A managed service is a shared resource and not solely dedicated to a single organization or entity. Similarly, there is no such thing as a managed SOC.
Most of the technologies, processes and best practices that are used in a SOC are not specific to a SOC. Incident response or vulnerability management remain the same, whether delivered from a SOC or not. It is a meta-topic, involving many security domains and disciplines, and depending on the services and functions that are delivered by the SOC.
Services that often reside in a SOC are:
• Cyber security incident response
• Malware analysis
• Forensic analysis
• Threat intelligence analysis
• Risk analytics and attack path modeling
• Countermeasure implementation
• Vulnerability assessment
• Vulnerability analysis
• Penetration testing
• Remediation prioritization and coordination
• Security intelligence collection and fusion
• Security architecture design
• Security consulting
• Security awareness training
• Security audit data collection and distribution
Alternative names for SOC :
Security defense center (SDC)
Security intelligence center
Cyber security center
Threat defense center
security intelligence and operations center (SIOC)
Infrastructure Protection Centre (IPC)
مرکز عملیات امنیت
Security Operations Center (SOC) Essentials for the SMEAlienVault
Closing the gaps in security controls, systems, people and processes is not an easy feat, particularly for IT practitioners in smaller organizations with limited budgets and few (if any) dedicated security staff. So, what are the essential security capabilities needed to establish a security operations center and start closing those gaps?
Join Javvad Malik of 451 Research and Patrick Bedwell, VP of Product Marketing at AlienVault for this session covering:
*Developments in the threat landscape driving a shift from preventative to detective controls
*Essential security controls needed to defend against modern threats
*Fundamentals for evaluating a security approach that will work for you, not against you
*How a unified approach to security visibility can help you get from install to insight more quickly
Talking about Next-Gen Security Operation Center for IDNIC+APJII as representative from IDSECCONF. People-Centric SOC requires lot of investment on human in terms of quantity and quality, unfortunately, (good) IT security people are getting rare these days. Organisation need to put their investments more on technology, as in Industry 4.0, machines are getting more advanced to support Human on doing continuous and repetitive task.
Moving from “traditional” to next-gen SOC require proper plan, thats what this talk was about.
Security information and event management (SIEM) solutions have entered the market to provide security intelligence and automate managing terabytes of log data for IT security. SIEM solutions monitor network systems, devices, and applications in real time, providing security intelligence for IT professionals to mitigate threats, correlate events, identify the root cause of security incidents, and meet compliance requirements.
Most organizations think that SIEM solutions have a steep learning curve and are expensive, complex, and hard to deploy. This claim may be true about many SIEM vendors. However, the right SIEM solution is one that can be easily deployed, is cost-effective, and meets all your IT security needs with a single tool.
ManageEngine's SIEM Expert, Joel Fernandes will discuss on 8 things every IT manager should know about choosing an SIEM Solution.
You'll learn how to:
Choose an SIEM solution
Monitor user activity to curb insider threat
Proactively mitigate sophisticated cyber-attacks
Meet IT Compliance Requirements
SIEM : Security Information and Event Management SHRIYARAI4
SIEM is a tool that collects, aggregates, normalizes the data and analyzes it according to pre-set rules and presents the data in human readable format
LTS Secure Security Information and Event Management (SIEM), is a technology that provides real-time analysis of security alerts generated by network hardware and applications.
SOC presentation- Building a Security Operations CenterMichael Nickle
Presentation I used to give on the topic of using a SIM/SIEM to unify the information stream flowing into the SOC. This piece of collateral was used to help close the largest SIEM deal (Product and services) that my employer achieved with this product line.
Security Incident Event Management
Real time monitoring of Servers, Network Devices.
Correlation of Events
Analysis and reporting of Security Incidents.
Threat Intelligence
Long term storage
The session theme is "Threat Management, Next Generation Security Operations Center".
The session focuses how security information and event management can help enterprises to collects data from the heterogeneous landscape to have incident response plans and have automation in the entire security operations framework.
The session is handled by The session will be handled by Mr.Ravi Shankar Mallah, Architect / IBM security Specialist – Resilient & i2.
Ravi has over 13+ years of experience in the field of Cyber security. Over the course of his career he has been involved in building & running multiple enterprise level SOC while taking care of both perimeter and internal security of these setup. He also enjoys real life experience of various Security related technologies such as SIEM, SOAR, IPS, firewalls, Vulnerability management, Anti-APT solutions etc.
In his current role at IBM he is working as an Architect and enjoys the role of specialist for Incident Response Platform (IRP) and Threat Hunting
An in-depth look at:
1. Disruptive Technology and its impact on organizations.
2. Need for a Security Operations Center (SOC) for the 21st century businesses
3. Designing and operating an effective SOC - what it takes to run a successful SOC starting from how we should prepare our minds in terms of approach to the actual implementation and operation.
4. Qualities any SOC Analyst should possess
5. Measuring the success of a SOC - We discuss critical factors to consider when determining the success of a SOC.
What is SIEM? A Brilliant Guide to the BasicsSagar Joshi
SIEM is a technological solution that collects and aggregates logs from various data sources, discovers trends, and alerts when it spots anomalous activity, like a possible security threat.
SOAR Platform open-source marketplace helps to access the integration for a specific product. You can contact the experts at Securaa.io . https://www.securaa.io/soar-platform/
Security Operations Center (SOC) Essentials for the SMEAlienVault
Closing the gaps in security controls, systems, people and processes is not an easy feat, particularly for IT practitioners in smaller organizations with limited budgets and few (if any) dedicated security staff. So, what are the essential security capabilities needed to establish a security operations center and start closing those gaps?
Join Javvad Malik of 451 Research and Patrick Bedwell, VP of Product Marketing at AlienVault for this session covering:
*Developments in the threat landscape driving a shift from preventative to detective controls
*Essential security controls needed to defend against modern threats
*Fundamentals for evaluating a security approach that will work for you, not against you
*How a unified approach to security visibility can help you get from install to insight more quickly
Talking about Next-Gen Security Operation Center for IDNIC+APJII as representative from IDSECCONF. People-Centric SOC requires lot of investment on human in terms of quantity and quality, unfortunately, (good) IT security people are getting rare these days. Organisation need to put their investments more on technology, as in Industry 4.0, machines are getting more advanced to support Human on doing continuous and repetitive task.
Moving from “traditional” to next-gen SOC require proper plan, thats what this talk was about.
Security information and event management (SIEM) solutions have entered the market to provide security intelligence and automate managing terabytes of log data for IT security. SIEM solutions monitor network systems, devices, and applications in real time, providing security intelligence for IT professionals to mitigate threats, correlate events, identify the root cause of security incidents, and meet compliance requirements.
Most organizations think that SIEM solutions have a steep learning curve and are expensive, complex, and hard to deploy. This claim may be true about many SIEM vendors. However, the right SIEM solution is one that can be easily deployed, is cost-effective, and meets all your IT security needs with a single tool.
ManageEngine's SIEM Expert, Joel Fernandes will discuss on 8 things every IT manager should know about choosing an SIEM Solution.
You'll learn how to:
Choose an SIEM solution
Monitor user activity to curb insider threat
Proactively mitigate sophisticated cyber-attacks
Meet IT Compliance Requirements
SIEM : Security Information and Event Management SHRIYARAI4
SIEM is a tool that collects, aggregates, normalizes the data and analyzes it according to pre-set rules and presents the data in human readable format
LTS Secure Security Information and Event Management (SIEM), is a technology that provides real-time analysis of security alerts generated by network hardware and applications.
SOC presentation- Building a Security Operations CenterMichael Nickle
Presentation I used to give on the topic of using a SIM/SIEM to unify the information stream flowing into the SOC. This piece of collateral was used to help close the largest SIEM deal (Product and services) that my employer achieved with this product line.
Security Incident Event Management
Real time monitoring of Servers, Network Devices.
Correlation of Events
Analysis and reporting of Security Incidents.
Threat Intelligence
Long term storage
The session theme is "Threat Management, Next Generation Security Operations Center".
The session focuses how security information and event management can help enterprises to collects data from the heterogeneous landscape to have incident response plans and have automation in the entire security operations framework.
The session is handled by The session will be handled by Mr.Ravi Shankar Mallah, Architect / IBM security Specialist – Resilient & i2.
Ravi has over 13+ years of experience in the field of Cyber security. Over the course of his career he has been involved in building & running multiple enterprise level SOC while taking care of both perimeter and internal security of these setup. He also enjoys real life experience of various Security related technologies such as SIEM, SOAR, IPS, firewalls, Vulnerability management, Anti-APT solutions etc.
In his current role at IBM he is working as an Architect and enjoys the role of specialist for Incident Response Platform (IRP) and Threat Hunting
An in-depth look at:
1. Disruptive Technology and its impact on organizations.
2. Need for a Security Operations Center (SOC) for the 21st century businesses
3. Designing and operating an effective SOC - what it takes to run a successful SOC starting from how we should prepare our minds in terms of approach to the actual implementation and operation.
4. Qualities any SOC Analyst should possess
5. Measuring the success of a SOC - We discuss critical factors to consider when determining the success of a SOC.
What is SIEM? A Brilliant Guide to the BasicsSagar Joshi
SIEM is a technological solution that collects and aggregates logs from various data sources, discovers trends, and alerts when it spots anomalous activity, like a possible security threat.
SOAR Platform open-source marketplace helps to access the integration for a specific product. You can contact the experts at Securaa.io . https://www.securaa.io/soar-platform/
10X SOC - SANS Blue Summit Keynote 2021 - Anton ChuvakinAnton Chuvakin
Can We REALLY 10X the SOC? by Dr Anton Chuvakin
Many organizations promise to transform your security operations center (SOC) with technology, advice or their personnel. However, what does it take to really transform your SOC to be ready for future threats? Is this an impossible problem? Is this something that can be only done by well funded organizations? Let's explore these and other questions in this talk.
https://www.sans.org/cyber-security-training-events/blue-team-summit-2021/#agenda
Optimize your cyber security with soar toolsSecuraa
SOAR tools are mostly used for incident response, orchestration of workflows, and automation. Threat intelligence management is a vital SOAR Tool functionality. https://www.securaa.io/optimize-your-cyber-security-with-soar-tools/
SOAR Cybersecurity is constantly evolving and changing, with the rapid influx of latest technologies, hacking methodologies, and advanced software. https://www.securaa.io/soar-cybersecurity/
One of the advantages of orchestration is the ability to correlate alerts from a wide variety of technologies and products. This goes well beyond just SIEM. A SOAR tool should be able to integrate with different products across security technologies, such as:
Proactive Approach to OT incident response - HOUSECCON 2023Chris Sistrunk
This talk discusses practical approaches to OT incident response, that will leverage the people, processes, tools, and relationships you most likely already have.
Incident response (IR) is the systematic response and management of events following a cyber attack or any security breach. It involves a series of actions and activities aimed at reducing the impact of security breaches and cyber attacks on organizations.
Visit - https://www.siemplify.co/
SOAR stands for Security Orchestration, Automation, and Response. SOAR is extremely important for any organization to fight any cybersecurity issues in an organization.
TIG / Infocyte: Proactive Cybersecurity for State and Local GovernmentInfocyte
This webinar and presentation outlines the Infocyte HUNT threat detection and incident response platform, and how it enables state and local government organizations:
- Reduce risk across local, off-network, and cloud IT assets
- Expose and eliminate hidden cyber threats and vulnerabilities
- Streamline your overall security operations
- Achieve and maintain compliance
Using Infocyte, TIG can provide their customers with cost-effective, easy-to-manage, and on-demand cybersecurity consulting services (e.g. compromise assessments, incident response) and managed security services (e.g. managed detection and response).
Visit https://www.infocyte.com/ to learn more and request a demo, or request a cybersecurity risk assessment (Compromise Assessment) using the link below:
https://www.infocyte.com/free-compromise-assessment/
GDPR is bringing the biggest change to Data Protection Law in Europe, ClicQA as an Independent Software Testing company with is security testing services wants to help organizations in journey of data protection and be compliant with GDPR.
Slides from Alexandre BRIANCEAU's talk at #OSSPARIS19 (Open Source Summit Paris 2019).
Security is everyone's business, an exploited breach is enough. Teams are aware of this and yet it is still as difficult as ever to be able to ensure, be confident, and reassure others (prove) that at least one party is under control.
And when it comes to server infrastructure, especially at the OS / middleware level, everything gets complicated. Even with an operational security team, it is difficult to ensure that the Information System Security Policy and security recommendations are properly implemented on all servers.
How can we be sure that our security policies are properly applied on all our servers other than through a massive and costly audit? Even if they were when they were created, how do you know if they remain perfectly compliant after a few days / weeks / months?
Let's discover together RUDDER, an open-source solution for continuous compliance based on configuration management to automatically audit and/or correct our systems.
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksAngeloluca Barba
A presentation given in April 2019 in London during ICS Cyber Security Conference. I discuss an anonymized investigation conducted by our team to identify a real malware infection on a production network, the tools and techniques used to contain this threat and how to use threat intelligence and visibility to stay ahead of cyber adversaries.
Asset visibility and network baselining
Continuous network monitoring
Threat intelligence ingestion
Thorough incident response plans
Talk on Kaspersky lab's CoLaboratory: Industrial Cybersecurity Meetup #5 with @HeirhabarovT about several ATT&CK practical use cases.
Video (in Russian): https://www.youtube.com/watch?v=ulUF9Sw2T7s&t=3078
Many thanks to Teymur for great tech dive
This presentation showcased live during the DNIF Konnect meetup on 14th November 2019. We have our guest presenter: Sudhan Pathak and Nabeel Shaikh - MBA student at Symbiosis centre for Information Technology, walk us basics and some of the challenges at Capture The Flag (CTF).
Some key points discussed during the meetup:
-Introduction to NXLogs.
-Find out how using NXLogs with DNIF can make life easier for security analysts.
-Introduction to the concepts of capture the flag (CTF).
-Learn how users can easily manage their DNIF components.
Watch the full presentation here: https://www.youtube.com/watch?v=UHE9-oYatiY
This presentation showcased live during the DNIF Konnect meetup on 5th September 2019. We have our guest presenter: Mr. Mikhail Moskvin - Cyber Security Expert from Kaspersky, walk us through some key points related to benefits and practical applications of threat intelligence.
Some key points discussed during the meetup:
- Introduction to threat intelligence.
- Strategies to implement threat intelligence with SIEM.
- Practical use cases on using KASPERSKY Threat Intelligence Portal with DNIF.
- How SOC teams can leverage threat intelligence aand validation.
Watch the full presentation here: https://youtu.be/C89lTX13Vcw?t=1284
In this presentation, we talk about actual use cases that can be created in DNIF to leverage the additional information provided by vFeed based on attack CVEs and related CAPEC information.
This presentation was demonstrated live during the DNIF Konnect session held on 4th July 2019 - You can watch the complete session here: https://youtu.be/owp1q-XoBoc?t=1170
In this presentation, we talk about:
- Introduction to Containers
- Container Security Overview
You can watch the complete session here:
https://youtu.be/w2-NtdAkrOI?t=1901
Importance of having a vulnerability management | Vfeed DNIF
In this presentation, the presenters NJ Ouchn and Rachid Harrando from vFeed talk about:
- Introduction to vFeed
- Common Vulnerability Structure
- Vulnerability Correlation Engine
This presentation was demonstrated live during the DNIF Konnect session held on 4th July 2019 - You can watch the complete session here: https://youtu.be/owp1q-XoBoc?t=412
Anatomy of Persistence Techniques & Strategies to DetectDNIF
In this presentation, we talk about:
- Attack Kill Chain
- About Persistence
- Persistence Techniques
- Persistence Leveraging MSSQL
- Approach to Detect Persistence
You can watch the complete session here: https://youtu.be/HfpjLR6ZwIU?t=1322
User Behavior Analytics Using Machine LearningDNIF
In this presentation we talk about:
- Introduction to user behavior analytics.
- Classifying malicious IP using machine learning.
- User behavior analytics using machine learning.
You can watch the complete demonstration video here: https://youtu.be/HfpjLR6ZwIU?t=3550
In this session, we talk about:
- Introduction to process whitelisting
- Advantages
- Leverage VirusTotal Threat Intelligence
You can watch the complete demonstration video here: https://youtu.be/HfpjLR6ZwIU?t=342
VirusTotal Threat Intelligence and DNIF Use CasesDNIF
NIF is a next gen SIEM platform with advanced security and automation capabilities, that let's machines do what they do best and allows security analysts to do activities that can actually change the game.
In this presentation, we talk about how DNIF users can build a use case on "Detecting Malicious URLs" with the help of VirusTotal Threat Intelligence.
Threat hunting and achieving security maturityDNIF
In this virtual meetup of DNIF KONNNECT (04.04.2019), where the growing DNIF community connects, interacts, shares and helps each other to grow and learn about the latest in threat hunting and many more...this time we have Mr. Ankit Panchal from NSDL who shall demonstrate an end to end demo of how you can achieve security maturity.
Learn more about DNIF KONNECT here - https://dnif.it/dnif-konnect.html
Learn more about DNIF KONNECT here - https://dnif.it/dnif-konnect.html
Kaspersky Threat Intelligence Portal and DNIF Use Cases DNIF
DNIF is a next gen SIEM platform with advanced security and automation capabilities, that let's machines do what they do best and allows security analysts to do activities that can actually change the game.
In this presentation, we talk about how DNIF users can build a use case on "Detecting Malicious IP Addresses" with the help of Kaspersky Threat Intelligence Portal.
Agenda:
1. Cyber Security - How it works, today!
2. Data Analytics, the What and the Why
3. The technical aspects
4. The pipeline
5. Opportunities - Gaps we're aiming for
6. Demo
Part 3, the final part of the series "Mastering Next Gen SIEM Use Cases".
The following presentation talks about building use cases to detect anomalies pertaining to applications and application servers.
Importance of correlating events pertaining to applications and applications servers.
Discover sample use cases for detecting anomalies in the SWIFT application.
Part 2 of 3 part series of "Mastering Next Gen SIEM Use Cases"
The following presentation talks about building use cases to detect anomalies pertaining to endpoints.
Discover use cases for Credential Theft and Endpoint compromise.
Part 1 of 3 part series of "Mastering Next-Gen SIEM Use Cases"
The following presentation talks about the mindset which next-gen threat hunters need to have in order to detect and respond to next-gen threats.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
2. ● What is SOAR?
● What does a SOAR consist of?
● What can you integrate in a SOAR platform?
● Problems in today’s SOC
● Benefits of SOAR in a SOC
● Business Case for a SOAR
● Standalone SOAR vs SIEM+SOAR?
● SOAR in action
Topics to be covered
3. ● SOAR stands for Security Orchestration, Automation and Response.
● SOAR term coined by Gartner.
● Capability of a SOAR Platform(not restricting to):
○ Threat and Vulnerability Management
○ Incident Response
○ Security Operations Automation
What is SOAR?
4. ● Fetching the relevant log data
● Performing a lookup function using threat intelligence
● Perform remediation action
● Easy reporting & Case Management
● All the steps mentioned above constitute a Security Playbook.
What does a SOAR consist of?
5. ● Threat Intelligence services
● ITSM tools
● Firewalls, Active Directory, EDR, DLP etc. i.e. Devices from your security stack
● IT applications
What can you integrate in a SOAR
platform?
6. .
Bring down the workloads and
shorten time to action at the SOC
with SOAR*
ENRICH VALIDATE RESPOND
* Security Orchestration, Automation and Response (SOAR) SOAR Plugin Framework
7. .
Correlate and connect the dots with
a functional query language - DQL.
DATASTORE QUERY FUNCTION
Retrieve data from the distributed
data structure.
PROFILE LOOKUP
Evaluate the outcome along with
pre-populated references.
CASE MANAGEMENT
Group and manage threats in an
organized manner using tickets.
VALIDATE / RESPOND
Integrate with third party tools and
service providers to automate.
8. ● Too much involvement of an L1 Analyst.
● Alert Fatigue
● Slow response time= Difference between Mean Time To Detect(MTTD) and Mean Time to Respond(MTTR).
● Operational Inefficiencies
○ Lack of automated workflows
○ Manual reporting
○ Analysts spending time on finding alerts
○ Remediation process: Manual and ineffective
○ High Attrition rates
Problems in today’s SOC
9. ● Automated countermeasures: Reduced dependency on an L1 Analyst.
● Better response times: Reducing it from hours to seconds.
● Increase in operational efficiency
○ Clearly defined approach to deal with multiple Security Use Cases.
○ Analysts spending time on finding alerts
○ Remediation process: Manual and ineffective
Benefits of SOAR in a SOC
10. .
Bring down the workloads and
shorten time to action at the SOC
with SOAR*
* Security Orchestration, Automation and Response (SOAR)
Threat handled and
responded to without a
SOC analyst getting
involved
41%
Time between detection
and resolution of an
attack
23s
Of threats auto responded
were found to be false
positives
3%
11. ● Lesser investment to train Security Analysts.
● No manual playbooks
● Operations is key
● Better incident response
● Efficient SOC: More alerts, better approach
Business Case for a SOAR
12. ● Standalone SOAR disadvantages:
○ Integration and maintainance
○ Training
○ Administration/Support
● SIEM+SOAR primary advantages: Single pane of glass, better ROI
Standalone SOAR vs SIEM+SOAR
13. .
THANK YOU FOR YOUR TIME
Let’s Konnect!
Email: ruchir.shah@dnif.it
Phone: +919773064530