The two-day event showcases government, industry, critical infrastructure, operations and research perspectives and is hosted by Johns Hopkins University Applied Physics Laboratory in collaboration with the National Security Agency (NSA) and the Department of Homeland Security (DHS). The goal of the event is to dramatically change the timeline and effectiveness of cyber defenses via integration, automation, and information sharing.
Matt and Tom’s presentation will explore the challenges of creating security automation and orchestration workflows that are designed to keep up with the rapid pace of cybersecurity, and will share some of the lessons they have learned over the years. The engineering principles they will discuss include:
- Establishing Practical Standard Operating Procedures
- Standardizing Data Collection and Process Outputs
- Assigning the Most-Qualified Owner to Process Workflows
- Implementing Single-Pane-of-Glass Curation from Disparate Security Tools
- Creating a Modular, Templated App Framework
- Automating and Documenting the Automation Deployment Lifecycle
Brian Kafenbaum, Managing Partner of Phoenix Cyber, commented, “As an IACD Integrator, we are excited to share the best practices that Matt and Tom have developed over the years. Our automated apps and architecture allow us to minimize the case management content we gather during the triage process for the large volumes of false positives, but really go deep and thoroughly collect robust data sets from multiple sources for suspicious and confirmed malicious incidents. Delivering this information to security analysts in a curated, single pane of glass allows them to remediate cases quickly and accurately.”
About Phoenix Cyber
Phoenix Cyber is a leading cybersecurity consulting company providing security engineering, operations, and technical cybersecurity expertise to organizations determined to mitigate risk and safeguard their business. Since 2011, security teams from Fortune 500 enterprises, federal government agencies, and service providers have trusted Phoenix Cyber to deliver results-oriented cybersecurity solutions and enhance their security operations centers’ people, processes, and technologies.
Learn more at www.phoenixcyber.com or follow us on LinkedIn and Twitter.