How does your organization know if it is being attacked by hackers or criminals? What process do you use if a threat is detected? In this month’s on-demand Arrow Leadership Call, “Security Orchestration and Automation,” you’ll get insight and a recommended framework for security orchestration and automation implementation.
Speaker Paul Kincaid, Arrow director of security operations and threat intelligence, shares a use case during the webcast that describes seven manual steps that are taken before an incident is turned over to an Incident Response Team and what you can do about it. Kincaid also explains the difference in security orchestration vs. security automation:
- Security Orchestration: Correlates different types of security tools and technologies to empower security operations teams to better understand events and potential attacks against an organization. It provides an analyst with a central location to investigate events or traffic.
- Security Automation: Provides the ability to have a system collect, review and make a decision on an event or information without any human interaction. It frees up an analyst to dig deeper into more targeted or unique events.
Kincaid explains five major values to an organization when security orchestration and automation is implemented:
- Creates a consistent and comprehensive workflow to standardize initial event response activities
- Provides a reduction in time that is required to detect, respond, mitigate and recover from an incident
- Minimizes the human response to common and low-severity events
- Makes more efficient use of the Security Operations Center staff
- Enhances the integration between security products
If you are interested in learning more about security orchestration and automation, this on-demand webcast is for you. If you have questions about the webcast or are interested in learning more, contact your Arrow representative.
Last modified: March 29, 2017