Secured integration to the future

Welcome to the webinar

Automation of Security Operation Center using IBM solutions

Practical experience. 05.12.2023, from 10.00 to 12.00

For five years, IT Specialist has been successfully specializing in constructing and maintaining cybersecurity management centers (Security Operation Center).
During this period, we have accumulated considerable experience, which we successfully use to solve the problems and challenges that our customers face daily.

Although we rarely talk about our experiences publicly, it's time to share our knowledge with anyone interested in this topic.

This webinar offers a unique opportunity to look inside our SOC department and meet the people who implement the processes and technologies of modern cyber defense.

You will also learn how IBM's solution helped us create a complete ecosystem for detecting and handling cybersecurity incidents.

What is the schedule?

«Introduction. Security Operation Center Architecture. Approach of IT Specialist»
Dmytro Petrashchuk, 10 min

«Identification and accounting of components of IT infrastructure. The basis of the protection system»
Product: ITS Inventory
Andriy Chuenko, 25 min

«Detecting threats and attacks through integrating security and SOC use case management»
Product: IBM QRadar + UseCase Management
Vyacheslav Silenko, 25 min

«Fast incident response through automation and control»
Product: IBM SOAR
Yegor Skrynnyk, 25 min

«Problems of event collection and analysis in hybrid distributed infrastructure»
Product: IBM LogInsight
Dmytro Petrashchuk, 25 min

What will be interesting and practical?

  • «Identification and accounting of IT infrastructure components - the basis of the security system»

    Product: ITS Inventory
    ● Why is a continuous infrastructure inventory essential for an effective security system?
    ● How do we get complete information about each element in the network without deploying complex software systems and using agents?
    ● How does the inventory allow the SOC to control the completeness of cybersecurity, identify hidden IT infrastructure components, and improve the quality of incident handling?

  • «Detecting threats and attacks through integrating security and SOC use case management»

    Product: IBM QRadar + UseCase Management
    ● What is a SOC UseCase, what does it consist of, and what are its life cycle stages?
    ● How to customize use cases in the IBM QRadar interface?
    ● How to evaluate the coverage of the attack path by use cases based on the MITRE ATT&CK Matrix?

  • «Fast incident response through automation and control»

    Product: IBM SOAR
    ● What are the typical metrics and challenges of response teams?
    ● How can SOAR improve the quality of SOC work and move from chaotic response to sustainable processes?
    ● How can SOAR automation reduce analysts' workload and increase team throughput?

  • «Problems of collecting and analyzing events in a hybrid distributed infrastructure»

    ● How to unify the collection and analysis of event logs in a multi-cloud environment?
    ● How to ensure incident investigations in a complex hybrid environment?
    ● What are the advanced proactive threat detection techniques and how to use them?

Speakers

Dmytro Petrashchuk

Technical Director of IT Specialist. Cybersecurity systems architect, auditor, consultant. CISSP, CISA, PCI QSA, ISO27001 Lead Auditor, NIST CSF Certified Implementer

Andrii Chuenko

Director of project implementation and support of security solutions. Head of Security Operation Center

Viacheslav Silenko

Head of SOC solutions implementation and support department. IBM Certified Administrator, IBM Certified Deployment Professional

Yegor Skrynnyk

SOC technology architect

Organizers

A Ukrainian integration company founded in 2014

Cyberacademy

HooliGun Production Studio

The recording of the "Automation of Security Operation Center using IBM solutions" webinar is available here: