The most important
in security operation
For EMEA region, hosted from Budapest
Join us for a virtual event with leading security operations center experts
We live in a data-driven age, where technology enables us to store, share, and access critical business data anywhere. But then, the number of malicious actors is booming, they also use sophisticated softwares and techniques to make data protection more challenging than ever.
Fortunately, there are Security Operations Centers (SOC) who lend helping hands. Business operations now relies on security operations more than ever before. Read on to know how modern enterprises can benefit from understanding and developing new safeguarding mechanisms.
SOCSummit provides intensive and immersive knowledge to help analysts, consultants and managers in finding best practical next steps to develop themselves, the security systems and their processes.
SOCSummit as a yearly series was established last year, with a highly successful event. This year it is going to provide even more – wider spectrum, more great speakers and enthusiastic audience.
In 2019 this event became one of the most important security events in the region, with more than 150 international participants. The aim of the event is to collect, process and present information relevant for SOC experts and leaders.
Based on feedbacks from our partners, we will discuss the following topics, in three different slightly tuned panels
Hybrid models and cooperating SOCs
As many organizations have no choice and established their own SOC they still struggle with building up niche knowledge or simply lack enough resources. We are talking about models of cooperation between in-house and service provider teams.
ROI models of SOCs
As defense costs are continuously growing, we must provide the financing stakeholders with sufficient metrics for their decisions. Even within the SOC it is important to build up KPIs which will monitor cost-benefit efficiency of the activities.
OT defense in SOCs - separate or together?
There’s a useful and interesting dispute between professionals about the right position and the scope of security operations. Is it possible to utilize the same resources? What are the tooling capabilities? Where should be the ownership of the SOC organization?
PEOPLE & PROCESSES PANEL
How to acquire and maintain resources
We all experience that finding the right candidates is tricky and resourceful therefore we share ideas to make the positions tempting, and the right aspects of a quick evaluation process. It is also common that attrition is a high risk. We will talking about policies, like role-lifecycle model, to be established for people to stay longer.
Virtual SOC - home office of SOC workers
It is now clear, that pandemic speeded up the digital transformation. In average office environment it’s easy to switch to 100% home office. How is it possible to create secure environments and manage the work of remote experts?
New methods to effective incident response
Not only technology but processes evolve too. We provide insights to the recent changes in techniques and new aspects in IR process creation. New exercise types, role models, cooperation challenges will be discussed.
AEP tools in cyber defense
A panoramic view is detailed about the new features and vendors in endpoint protection area. We try to differentiate preventive, detective and responsive capabilities and their potential use in security operations.
Use of threat intelligence today
Once it was considered as holy grail, times went now this is a mature component of in an advanced SOC. We walk around what's changed recently and inspect the function from SOC angle – CTI providers, building threat intel, utilizing CTI in detection content development and process setup.
Defense testing and test automation
Cyber defense capabilities must be tested from different aspects in order to keep up with changing threat vectors and evolving adversary environment. Fortunately, more and more scanners, testing tools and test process supportive software help us to do it efficiently.
OT cyber defense monitoring
We examine the technology aspect of ICS security. Which solution is for which zone, what is used for prevention, detection and hunting or incident response. We present new developments and integration capabilities to central SIEM solutions.
Practical examples of SOA
Although automation is now in productive environments, there is a lot to learn from each-other, as the vendors and features are storming. For not being overwhelmed by the possibilities we focus on use cases from detection (supporting analysis of events and correlation or deep inspection) to scripts helping the response activity by being quicker, more accurate.
We shall examine this much closer than before: from Microsoft O365 and SalesForce.com to docker container security and monitoring all of the above from a central viewpoint. Possibilities for tools, the growing need to monitor privileged SaaS admin users and the control of cloud providers are discussed.
Why is this event special?
It's an exclusive SOC targeted event when we talk to and about security operations only.
An event where we focus on end-users to share their experiences and debate at roundtables.
Our speakers are users, professionals and business stakeholders from end user companies, manufacturers and managed security service providers.
International performers with a wealth of experience across Europe.
We know 3 reasons to come to our event!
The best cyber security specialists in the industry presenting on stage. Sharing their extensive knowledge from recent IT attacks and mitigations with you.
BASED ON REAL EXPERIENCE
The participants reflect to true customer incidents and breaches occurred over the last year. All knowledge comes from firsthand experience of expert teams.
LIVESTREAM AND RECORDED
The event will be broadcasted in livestream and all attendees will get access to recordings after the event to watch again. The discussions will be driven remotely but we work on providing our speakers with presenting stage.
Be patient, speakers will be available soon!
Emese Gálffy - +36 20 408 8364