Security operations centres are made up of several roles and each role benefits from a person with specific skills and competencies. This presentation was presented at Napier University on the 13/11/2019 at their 'Cyber Breakfast'.
Insight is one of the best security operation center that influences all the necessary things that reduce the advanced threats and security risk all over your company and protects your network infrastructure across the organization. https://insightmsp.co.in/soc-as-service.php
Extended Detection and Response (XDR)An Overhyped Product Category With Ulti...Raffael Marty
Extended Detection and Response, or XDR for short, is one of the acronyms that are increasingly used by cybersecurity vendors to explain their approach to solving the cyber security problem. We have been spending trillions of dollars on approaches to secure our systems and data, with what success? Cybersecurity is still one of the biggest and most challenging areas that companies, small and large, are dealing with. XDR is another approach driven by security vendors to solve this problem. The challenge is that every vendor defines XDR slightly differently and makes it fit their own “challenge du jour” for marketing and selling their products.
In this presentation we will demystify the XDR acronym and put a working model behind it. Together, we will explore why XDR is a fabulous concept, but also discover that it’s nothing revolutionarily new. With an MSP lens, we will explore what the XDR benefits are for small and medium businesses and what it means to the security strategy of both MSPs and their clients. The audience will leave with a clear understanding of what XDR is, how the technology matters to them, and how XDR will ultimately help them secure their customers and enable trusted commerce.
Cyber Security Trends
Business Concerns
Cyber Threats
The Solutions
Security Operation Center
requirement
SOC Architecture model
SOC Implementation
SOC & NOC
SOC & CSIRT
SIEM & Correlation
-----------------------------------------------------------
Definition
Gartner defines a SOC as both a team, often operating in shifts around the clock, and a facility dedicated to and organized to prevent, detect, assess and respond to cybersecurity threats and incidents, and to fulfill and assess regulatory compliance. The term "cybersecurity operation center "is often used synonymously for SOC.
A network operations center (NOC) is not a SOC, which focuses on network device management rather than detecting and responding to cybersecurity incidents. Coordination between the two is common, however.
A managed security service is not the same as having a SOC — although a service provider may offer services from a SOC. A managed service is a shared resource and not solely dedicated to a single organization or entity. Similarly, there is no such thing as a managed SOC.
Most of the technologies, processes and best practices that are used in a SOC are not specific to a SOC. Incident response or vulnerability management remain the same, whether delivered from a SOC or not. It is a meta-topic, involving many security domains and disciplines, and depending on the services and functions that are delivered by the SOC.
Services that often reside in a SOC are:
• Cyber security incident response
• Malware analysis
• Forensic analysis
• Threat intelligence analysis
• Risk analytics and attack path modeling
• Countermeasure implementation
• Vulnerability assessment
• Vulnerability analysis
• Penetration testing
• Remediation prioritization and coordination
• Security intelligence collection and fusion
• Security architecture design
• Security consulting
• Security awareness training
• Security audit data collection and distribution
Alternative names for SOC :
Security defense center (SDC)
Security intelligence center
Cyber security center
Threat defense center
security intelligence and operations center (SIOC)
Infrastructure Protection Centre (IPC)
مرکز عملیات امنیت
Insight is one of the best security operation center that influences all the necessary things that reduce the advanced threats and security risk all over your company and protects your network infrastructure across the organization. https://insightmsp.co.in/soc-as-service.php
Extended Detection and Response (XDR)An Overhyped Product Category With Ulti...Raffael Marty
Extended Detection and Response, or XDR for short, is one of the acronyms that are increasingly used by cybersecurity vendors to explain their approach to solving the cyber security problem. We have been spending trillions of dollars on approaches to secure our systems and data, with what success? Cybersecurity is still one of the biggest and most challenging areas that companies, small and large, are dealing with. XDR is another approach driven by security vendors to solve this problem. The challenge is that every vendor defines XDR slightly differently and makes it fit their own “challenge du jour” for marketing and selling their products.
In this presentation we will demystify the XDR acronym and put a working model behind it. Together, we will explore why XDR is a fabulous concept, but also discover that it’s nothing revolutionarily new. With an MSP lens, we will explore what the XDR benefits are for small and medium businesses and what it means to the security strategy of both MSPs and their clients. The audience will leave with a clear understanding of what XDR is, how the technology matters to them, and how XDR will ultimately help them secure their customers and enable trusted commerce.
Cyber Security Trends
Business Concerns
Cyber Threats
The Solutions
Security Operation Center
requirement
SOC Architecture model
SOC Implementation
SOC & NOC
SOC & CSIRT
SIEM & Correlation
-----------------------------------------------------------
Definition
Gartner defines a SOC as both a team, often operating in shifts around the clock, and a facility dedicated to and organized to prevent, detect, assess and respond to cybersecurity threats and incidents, and to fulfill and assess regulatory compliance. The term "cybersecurity operation center "is often used synonymously for SOC.
A network operations center (NOC) is not a SOC, which focuses on network device management rather than detecting and responding to cybersecurity incidents. Coordination between the two is common, however.
A managed security service is not the same as having a SOC — although a service provider may offer services from a SOC. A managed service is a shared resource and not solely dedicated to a single organization or entity. Similarly, there is no such thing as a managed SOC.
Most of the technologies, processes and best practices that are used in a SOC are not specific to a SOC. Incident response or vulnerability management remain the same, whether delivered from a SOC or not. It is a meta-topic, involving many security domains and disciplines, and depending on the services and functions that are delivered by the SOC.
Services that often reside in a SOC are:
• Cyber security incident response
• Malware analysis
• Forensic analysis
• Threat intelligence analysis
• Risk analytics and attack path modeling
• Countermeasure implementation
• Vulnerability assessment
• Vulnerability analysis
• Penetration testing
• Remediation prioritization and coordination
• Security intelligence collection and fusion
• Security architecture design
• Security consulting
• Security awareness training
• Security audit data collection and distribution
Alternative names for SOC :
Security defense center (SDC)
Security intelligence center
Cyber security center
Threat defense center
security intelligence and operations center (SIOC)
Infrastructure Protection Centre (IPC)
مرکز عملیات امنیت
The Presentation is about the Basic Introduction to Cybersecurity that talks about introduction and what is security means. Also the presentation talks about CIA Triad i.e confidentiality, integrity and availability
Upgrade Your SOC with Cortex XSOAR & Elastic SIEMElasticsearch
Together, Cortex XSOAR and Elastic SIEM deliver a flexible and effective solution for today's security operations teams. Combining Cortex XSOAR's robust orchestration, automation, and case management capabilities with Elastic's open collection, search, and analytics abilities provides the comprehensive end-to-end strategy SOC teams need to gain visibility to stop threats.
Being aware of the trends that are expected to shape the digital landscape is an important step in ensuring the security of your data and online assets.
Amongst others, the webinar covers:
• Top Cyber Trends for 2023
• Cyber Insurance
• Prioritization of Cyber Risk
Presenters:
Colleen Lennox
Colleen Lennox is the Founder of Cyber Job Central, a newly formed job board dedicated to Cybersecurity job openings. Colleen has 25+ years in Technical Recruiting and loves to help other find their next great job!
Madhu Maganti
Madhu is a goal-oriented cybersecurity/IT advisory leader with more than 20 years of comprehensive experience leading high-performance teams with a proven track record of continuous improvement toward objectives. He is highly knowledgeable in both technical and business principles and processes.
Madhu specializes in cybersecurity risk assessments, enterprise risk management, regulatory compliance, Sarbanes-Oxley (SOX) compliance and system and organization controls (SOC) reporting.
Date: January 25, 2023
Tags: ISO, ISO/IEC 27032, Cybersecurity Management
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27032
https://pecb.com/article/cybersecurity-risk-assessment
https://pecb.com/article/a-deeper-understanding-of-cybersecurity
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
Whitepaper: https://pecb.com/whitepaper
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
Slideshare: http://www.slideshare.net/PECBCERTIFICATION
YouTube video: https://youtu.be/BAAl_PI9uRc
The SOC analyst training program is meticulously designed by the subject matter experts at Infosec Train. The training program offers a deep insight into the SOC operations and workflows. It is an excellent opportunity for aspiring and current SOC analysts (L1/L2/L3) to level up their skills to mitigate business risks by effectively handling and responding to security threats.
https://www.infosectrain.com/courses/soc-analyst-expert-training/
Talking about Next-Gen Security Operation Center for IDNIC+APJII as representative from IDSECCONF. People-Centric SOC requires lot of investment on human in terms of quantity and quality, unfortunately, (good) IT security people are getting rare these days. Organisation need to put their investments more on technology, as in Industry 4.0, machines are getting more advanced to support Human on doing continuous and repetitive task.
Moving from “traditional” to next-gen SOC require proper plan, thats what this talk was about.
An in-depth look at:
1. Disruptive Technology and its impact on organizations.
2. Need for a Security Operations Center (SOC) for the 21st century businesses
3. Designing and operating an effective SOC - what it takes to run a successful SOC starting from how we should prepare our minds in terms of approach to the actual implementation and operation.
4. Qualities any SOC Analyst should possess
5. Measuring the success of a SOC - We discuss critical factors to consider when determining the success of a SOC.
SOC presentation- Building a Security Operations CenterMichael Nickle
Presentation I used to give on the topic of using a SIM/SIEM to unify the information stream flowing into the SOC. This piece of collateral was used to help close the largest SIEM deal (Product and services) that my employer achieved with this product line.
Application Security - Your Success Depends on itWSO2
Traditional information security mainly revolves around network and operating system (OS) level protection. Regardless of the level of security guarding those aspects, the system can be penetrated and the entire deployment can be brought down if your application's security isn't taken into serious consideration. Information security should ideally start at the application level, before network and OS level security is ensured. To achieve this, security needs to be integrated into the application at the software development phase.
In this session, Dulanja will discuss the following:
The importance of application security - why network and OS security is insufficient.
Challenges in securing your application.
Making security part of the development lifecycle.
This session will outline common roles for cyber defenders, including areas like Security Operations, Engineering and Consultancy. It will focus on the fundamental competencies (skills/behaviours) expected of entry level applicants getting into cybersecurity and how to build yourself into a confident professional working to defend your employer and their customers.
knowthyself : Internal IT Security in SA SensePost
Presentation by Charl van der Walt and Roelof Temmingh at IIR in 2000.
The presentation begins with a discussion on global risks, threats, internal risk and security assessments. Steps to building a strong security culture within an organization are discussed. The presentation ends with a brief overview of intrusion detection systems and their use in internal security.
The Presentation is about the Basic Introduction to Cybersecurity that talks about introduction and what is security means. Also the presentation talks about CIA Triad i.e confidentiality, integrity and availability
Upgrade Your SOC with Cortex XSOAR & Elastic SIEMElasticsearch
Together, Cortex XSOAR and Elastic SIEM deliver a flexible and effective solution for today's security operations teams. Combining Cortex XSOAR's robust orchestration, automation, and case management capabilities with Elastic's open collection, search, and analytics abilities provides the comprehensive end-to-end strategy SOC teams need to gain visibility to stop threats.
Being aware of the trends that are expected to shape the digital landscape is an important step in ensuring the security of your data and online assets.
Amongst others, the webinar covers:
• Top Cyber Trends for 2023
• Cyber Insurance
• Prioritization of Cyber Risk
Presenters:
Colleen Lennox
Colleen Lennox is the Founder of Cyber Job Central, a newly formed job board dedicated to Cybersecurity job openings. Colleen has 25+ years in Technical Recruiting and loves to help other find their next great job!
Madhu Maganti
Madhu is a goal-oriented cybersecurity/IT advisory leader with more than 20 years of comprehensive experience leading high-performance teams with a proven track record of continuous improvement toward objectives. He is highly knowledgeable in both technical and business principles and processes.
Madhu specializes in cybersecurity risk assessments, enterprise risk management, regulatory compliance, Sarbanes-Oxley (SOX) compliance and system and organization controls (SOC) reporting.
Date: January 25, 2023
Tags: ISO, ISO/IEC 27032, Cybersecurity Management
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27032
https://pecb.com/article/cybersecurity-risk-assessment
https://pecb.com/article/a-deeper-understanding-of-cybersecurity
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
Whitepaper: https://pecb.com/whitepaper
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
Slideshare: http://www.slideshare.net/PECBCERTIFICATION
YouTube video: https://youtu.be/BAAl_PI9uRc
The SOC analyst training program is meticulously designed by the subject matter experts at Infosec Train. The training program offers a deep insight into the SOC operations and workflows. It is an excellent opportunity for aspiring and current SOC analysts (L1/L2/L3) to level up their skills to mitigate business risks by effectively handling and responding to security threats.
https://www.infosectrain.com/courses/soc-analyst-expert-training/
Talking about Next-Gen Security Operation Center for IDNIC+APJII as representative from IDSECCONF. People-Centric SOC requires lot of investment on human in terms of quantity and quality, unfortunately, (good) IT security people are getting rare these days. Organisation need to put their investments more on technology, as in Industry 4.0, machines are getting more advanced to support Human on doing continuous and repetitive task.
Moving from “traditional” to next-gen SOC require proper plan, thats what this talk was about.
An in-depth look at:
1. Disruptive Technology and its impact on organizations.
2. Need for a Security Operations Center (SOC) for the 21st century businesses
3. Designing and operating an effective SOC - what it takes to run a successful SOC starting from how we should prepare our minds in terms of approach to the actual implementation and operation.
4. Qualities any SOC Analyst should possess
5. Measuring the success of a SOC - We discuss critical factors to consider when determining the success of a SOC.
SOC presentation- Building a Security Operations CenterMichael Nickle
Presentation I used to give on the topic of using a SIM/SIEM to unify the information stream flowing into the SOC. This piece of collateral was used to help close the largest SIEM deal (Product and services) that my employer achieved with this product line.
Application Security - Your Success Depends on itWSO2
Traditional information security mainly revolves around network and operating system (OS) level protection. Regardless of the level of security guarding those aspects, the system can be penetrated and the entire deployment can be brought down if your application's security isn't taken into serious consideration. Information security should ideally start at the application level, before network and OS level security is ensured. To achieve this, security needs to be integrated into the application at the software development phase.
In this session, Dulanja will discuss the following:
The importance of application security - why network and OS security is insufficient.
Challenges in securing your application.
Making security part of the development lifecycle.
This session will outline common roles for cyber defenders, including areas like Security Operations, Engineering and Consultancy. It will focus on the fundamental competencies (skills/behaviours) expected of entry level applicants getting into cybersecurity and how to build yourself into a confident professional working to defend your employer and their customers.
knowthyself : Internal IT Security in SA SensePost
Presentation by Charl van der Walt and Roelof Temmingh at IIR in 2000.
The presentation begins with a discussion on global risks, threats, internal risk and security assessments. Steps to building a strong security culture within an organization are discussed. The presentation ends with a brief overview of intrusion detection systems and their use in internal security.
An expert of IT IM & Cyber Security sphere across all industry verticals to act as an analyst, consultant, advisory, auditor ISO & PCI DSS compliance, HIPAA & presales professional to deal worth multi billion project value on an individual contributor and self-starter basis. In-depth understanding on cyberspace security product development environment basis my engagement in the past around development/license model engineering/VAR management/classified artefacts/siphoning etc. Fluent in communicating with cross-border business audience based on approx. 25 years of niche IT experience worldwide. An entrepreneur approach and very good business acumen. Doctorate class in Crypto/BLOCKCHAIN fabric independently working to consult businesses in FINTECH space across APAC. RUSSIA, Eastern EU, Central America etc. past 9 years on top of primary experience over 2 decades as mentioned.
Hunting Hard & Failing Fast (ScotSoft 2019)Harry McLaren
Many organisations have invested millions in building security operations teams, deploying powerful monitoring and reporting tools and then asking for continual improvement in the form of tuning, threat hunting and developing new threat models. However, within large enterprises, these types of changes either represent a risk of making changes to a live production platform or take weeks or months to go through the development and release process or route-to-live. This session outlines some DevOps principals and associate framework for enforcing change management, but still supporting rapid changes to code and configuration.
* SOC Capabilities
* OODA & Threat Hunting
* Balancing SOC Risk
* Using Splunk for an Agile SIEM
* Result: Empowered Hunters
* Resources & Questions
Strategic Planning (Short Term & Long Term)
System & Business Applications Designing
Network Designing, Solutions, Evaluation & Administration
Data/Voice Communication
Quality, Risk, and Configuration Management
Integration Management
IT Infrastructure, Storage & Security
Security Operations, MITRE ATT&CK, SOC Roles / Competencies Harry McLaren
Security Operations & MITRE ATT&CK
Description: A two topic talk covering the core functions of the blue team (security operations), common roles and the required skills to be successful. Then an overview of the threat-led knowledgebase MITRE ATT&CK and how to put it to good use for threat detection and response.
Transform Banking with Big Data and Automated Machine Learning 9.12.17Cloudera, Inc.
Banks are rich in valuable data and can build and maintain a competitive advantage by identifying and executing on high-value machine learning projects leveraging the rich data available.This webinar will describe use cases fit for big data and machine learning in the banking sector (commercial, consumer, regulatory, and markets) and the impact they can have for your organization.
3 things to learn:
* How to create a next generation data platform and why it is important
* How to monetize big data using predictive modeling and machine learning
* What is needed for automated machine learning as a sustainable, cost-effective, and efficient solution
Threat Hunting, Detection, and Incident Response in the CloudBen Johnson
SaaS and IaaS are new frontiers for a lot of security teams. We'll explore some thoughts at how you might approach some of these areas of your environment from a hunting or IR perspective. This was from a Sans webinar on 2019-09-25.
Big Data For Threat Detection & ResponseHarry McLaren
Slides used at the University of Edinburgh SIGINT group (cybersecurity society). Covering what is big data, the value for security use cases, hunting for threats/actions, using Splunk to detect and respond, SIEM use and some useful searches (which were demoed).
IT Information Security Management Principles, 15 - 18 May 2016 Dubai UAE360 BSI
This 4 day training program combines advanced technology and relevant practical experience to develop your IT security policies & create a robust IT infrastructure.
Information security is critical for modern business models today.
Organizations must be prepared to take crucial steps to strengthen their IT infrastructure from both internal & external threats.
Organizations must look to develop a security network that enhances business operations while improving its security position. Successful security architecture combines a mix of the latest policies & practices, technology, and a robust awareness program.
This 4 day intensive training workshop addresses the latest concerns on IT infrastructure and security. Participants will develop key skills and core competencies that will allow them to meet the ever-changing security demands of the 21st century.
Course Participants will:
- Master the tools & techniques for effective information & network security.
- Discover how to create a complete & sustainable IT security architecture.
- Gain knowledge on how to develop sound security policy together with your security architecture.
- Learn how to perform an IT governance assessment using CoBIT 4.0
- Learn how to perform smart security risk assessment within your organization.
- Gain valuable insights on implementing a proactive & robust security management system.
- Learn how to detect & prevent information security breaches due to inadequate IT security awareness within the organization.
Who should attend:
Vice Presidents, Directors, General Managers
Chief Information Officers
Chief Security Officers
Chief Information Security Officers
Chief Technology Officers
Contact Kris at kris@360bsi.com for further information.
Virtual Splunk User Group - Phantom Workbook Automation & Threat Hunting with...Harry McLaren
We’ll be exploring some of the more advanced capabilities of Phantom and also discussing the security framework from MITRE “ATT&CK” and it’s valued use when integrating it with Splunk Enterprise! We’ll also have two SplunkTrust members available for some general Q&A in our own ‘Meet the Experts’.
- Splunk Phantom Workbook Automation - SOAR (Security Orchestration, Automation & Response)
-- Tom Wise (Phantom Security Solutions Engineer & Trainer)
- Threat Hunting, Or: How I Learned to Stop Worrying & Love ATT&CK
-- Cian Heasley / Fraser Dumayne (Security Engineers)
- Meet the Experts with SplunkTrust
-- Harry McLaren (Senior Splunk Consultant)
-- Tom Wise (Splunk Consultant, Phantom Security Solutions Engineer & Trainer)
Splunk Phantom, the Endpoint Data Model & Splunk Security Essentials App!Harry McLaren
We'll be coving the latest and greatest updates to Phantom (SOAR Platform), the ins-and-outs of the new Endpoint Data Model and what you can use it for and finally showcase some of the awesome beta features just released as part of the Splunk Security Essentials App which includes MITRE ATT&CK and Kill Chain Mappings!
Collecting AWS Logs & Introducing Splunk New S3 Compatible Storage (SmartStore) Harry McLaren
Two presentations at the January Splunk User Group in Edinburgh. Presenters were Harry McLaren and Tomasz Dziwok.
Topics covered are collecting AWS based logs at scale with Splunk and what the new object-based storage feature is within Splunk Enterprise (SmartStore).
Using Metrics for Fun, Developing with the KV Store + Javascript & News from ...Harry McLaren
We explore "Metrics, mstats and Me: Splunking Human Data” and also have some insights into the KV Store and javascript use in dashboards. We’ll also re-cover the conf18 updates for those who couldn’t attend our last session.
Covering off some of the latest announcements at Splunk's user conference (.conf), an Add-on created to Splunk config files and also the presentation delivered at .conf18 on SplDevOps!
SplDevOps: Making Splunk Development a Breeze With a Deep Dive on DevOps' Con...Harry McLaren
As Splunk scales, it grows with more Splunk engineers, developers and users. Maintaining proper knowledge object development, deployment changes and best practices can become a daunting task where fear-driven development takes its toll. In this session we present our enhancement of Splunk’s scalability in terms of software management, continuous integration and continuous delivery (CI/CD) by providing a framework which consists of DevOps tooling in combination with our Splunk expertise. Specifically, we are able to maintain a proper Splunk development cycle by using Docker containers, configuration and secret management with Ansible and version control with Git (VCS), all achieved by taking advantage of Splunk's ".conf" versatility. Our result is a CI/CD development-to-testing-to-production framework that complements Splunk’s scalability with modern DevOps culture and facilitates a smoother yet moderated development experience.
Lessons on Human Vulnerability within InfoSec/CyberHarry McLaren
Truths and lessons from a cybersecurity consultant who shares his experience with failure, vulnerability and the lessons we can all take forward to be kinder and healthier professionals.
This was also recorded here: https://youtu.be/-Rcfn1iFb1g?t=7m56s
OWASP - Analyst, Engineer or Consultant?Harry McLaren
The slides used at the March 2018 OWASP Edinburgh meetup to share a look at common roles within cybersecurity from the perspective of a Managing Consultant who’s been through several in quick succession and an introspective analysis of what makes a successful cybersecurity professional.
TSTAS, the Life of a Splunk Trainer and using DevOps in Splunk DevelopmentHarry McLaren
TSTAS, the Life of a Splunk Trainer and using DevOps in Splunk Development
Some interesting talks about using TSTATS and the internal Splunk logs, have a Splunk Trainer share his journey with Splunk and how he's managed to achieve every possible Splunk certification (over 10!), and a short discussion about emerging thoughts of using development/release frameworks with Splunk deployments.
Cyber Scotland Connect: What is Security Engineering?Harry McLaren
What is Security Engineering?: Thoughts on the definition, placement, role and job of working within security engineering. Then a scenario of the activities a Security Engineer might do throughout a project. Finally, some resources and thoughts on skills for 2018.
Slides by: Harry McLaren
Website: https://cyberscotlandconnect.com/
Cyber Scotland Connect: Getting into Cybersecurity (Deck 2)Harry McLaren
Getting into Cybersecurity: Advice, tips and tricks from an experienced cybersecurity consultant.
Slides by: Robert Williamson
Website: https://cyberscotlandconnect.com/
Cyber Scotland Connect: Getting into Cybersecurity (Deck 1)Harry McLaren
Getting into Cybersecurity: Advice, tips and tricks from an experienced recruitment consultant.
Slides by: Stefanie Corlay
Website: https://cyberscotlandconnect.com/
We'll aim to do a brief intro to the event and an overview of our Mission Statement + Purpose (we promise to keep the boring stuff short!)
Our aim is to mix some short interactive sessions with some Q&A's, some brilliant speakers and other bits and pieces to hopefully deliver some real value to people attending.
Slides by: Stuart Turner
Website: https://cyberscotlandconnect.com/
Latest Updates to Splunk from .conf 2017 Announcements Harry McLaren
Session detailing some of the best announcements from the recent Splunk users conference. Delivered at the Splunk User Group in Edinburgh on October 16, 2017.
Securing the Enterprise/Cloud with Splunk at the CentreHarry McLaren
Using orchestration tools with Splunk to automate and respond to events of interest and what types of use cases and logs you can leverage AWS/Cloud as the source.
Delivered as part of the Splunk User Group in Edinburgh in August 2017
Steam: http://productfor.ge/SUGE0817
Security Meetup Scotland - August 2017 (Deconstructing SIEM)Harry McLaren
There are many misconceptions about what a SIEM is and why they should still be the heart of an operational capability when it comes to security controls and monitoring. This topic will outline what makes a powerful SIEM and why creating it yourself is increasingly challenging. We'll explore the frameworks at the heart of a SIEM and how Splunk has developed Enterprise Security with these in mind; finishing with some general lessons learned for SIEM implementation projects.
Supporting Splunk at Scale, Splunking at Home & Introduction to Enterprise Se...Harry McLaren
Slide deck delivered at the June Splunk User Group in Edinburgh: Supporting Splunk at Scale, Splunking at Home & Introduction to Enterprise Security.
Sign up to the group here: https://usergroups.splunk.com/group/splunk-user-group-edinburgh/
Building Splunk Apps, Development Paths with Splunk & User Behaviour Analytics Harry McLaren
Slide deck delivered at the April Splunk User Group in Edinburgh: Building Splunk Apps, Development Paths with Splunk & User Behaviour Analytics.
Sign up to the group here: https://usergroups.splunk.com/group/splunk-user-group-edinburgh/
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
2. Harry McLaren
• Product Lead at Adarma
• Alumnus of Napier University
• Co-Founder of Cyber Scotland Connect
Who Am I?
Previous Roles
• 2006-2012: ComputerTechnician& DesksideSupport
• 2013-2015: SOCAnalyst & IncidentInvestigator
• 2016-2018: SecurityEngineer,SOC Consultant, ManagingConsultant
3. c
WE ARE ADARMA
TRUSTED BY FTSE 350 COMPANIES
THE UK’S LARGEST INDEPENDENTSECURITY SERVICES COMPANY
FORMED AND RUN BY EXPERIENCED SECURITY LEADERS FROM FTSE 100
FINANCIAL ENTERPRISE
SPECIALISTS IN THREAT MANAGEMENT
SPLUNK PARTNEROF THE YEAR
6. Topreparefor,detect,andrespondtocybersecuritythreats.
Purpose of a SOC
• Ensure you have the people, processes and technology to support the detection and response to attacks
to your organisation.
Prepare
• Proactively monitor your environment for evidence of threat actor’s activities.
Detect
• Reactively respond to detectedthreats to your organisation, including coordination andsupport of
incident investigations.
Respond
13. Communication
Verbal Communication
• EffectiveSpeaking(What YouSay / How YouSay It)
• Active Listening& Mirroring (Concentration/ Objective)
Nonverbal Communication
• BodyMovement& Eye Contact(Open /Friendly)
• PersonalAppearance (Professional& Appropriate)
Written Communication
• Spelling & Grammar(Explain Acronyms)
• Structureof Information(Report Writing /Organisation)
Industry Context
• Speakthe 'Lingo'(Learn it First)
• Don'tAssume OthersKnowledge
14. Emotional Intelligence (EQ)
Self-Awareness
• The ability to recognize and understandone'smoods, motivations,and abilities.
Self-Regulation
• The abilityto controlone'simpulses, the abilityto thinkbeforeyou speak/react,and theability toexpress yourself appropriately.
Motivation
• Havinganinterestin learningand self-improvement.
Empathy
• The ability to understandotherpeople’s emotionsand reactions.
Social Skills
• The ability to pick up on jokes, sarcasm, customerservice, maintainingfriendships andrelationships,and findingcommon groundwith others.
Source: http://theimportanceofemotionalintelligence.weebly.com/the-5-components.html