Industry Leaders Discuss SOAPA
Security technology vendors are bullish on SOAPA and have strong opinions about how SOAPA can impact security operations. In this video series, Jon Oltsik and Doug Cahill explore the concepts, deployment, and future of SOAPA with industry leaders.

Marc Solomon, CMO, ThreatQuotient | December 2020
Part 1:
- What’s the deal with cyber threat intelligence (CTI)?
- Use cases for ThreatQuotient.
- Alert fatigue.
- SOC modernization.
Part 2:
- SOC integration.
- Process automation.
- Are we moving toward SOC visualization consolidation?
- XDR through the lens of ThreatQ.
- The future of SOAPA.

Anton Chuvakin, Head of Solution Strategy, Google Chronicle | October 2020
Part 1:
- Detection as code.
- SOC nuclear triad progression.
- New data sources.
- XDR.
Part 2:
- Security data.
- Common Chronicle use cases.
- The tradeoff between security efficacy and complexity.
- SOC modernization.
- The future of SOAPA.

Sam Curry, CSO, Cybereason | August 2020
Part 1:
- Why EDR?
- EDR as part of SOAPA.
- EDR for “low and slow” attack detection.
- SOAPA integration.
Part 2:
- This newish thing called XDR.
- What about analytics?
- The Cybereason ASOC concept.
- The future of SOAPA.

Dave Gruber, Senior Analyst, ESG | June 2020
Part 1:
- The role of EDR.
- EDR integration.
- EDR adoption.
- EDR vs. MDR.
Part 2:
- The definition of XDR.
- Whether XDR is a product or an architecture.
- Where XDR is today.
Part 3:
- XDR deployment models.
- Who needs XDR?
- XDR and the SOC.
- The future of SOAPA and XDR.

Hugh Njemanze, CEO, Anomali | June 2020
Part 1:
- Security operations difficulties.
- Issues around alert fatigue and keeping up with security threats.
- Operationalizing threat intelligence.
- Skills requirements for threat intelligence analysis.
Part 2:
- The impact of COVID-19.
- Security operations technology integration.
- Security operations in the cloud.
- The future of security operations.

David Wolpoff, CTO and Co-founder, Randori | December 2019
Part 1:
- What Randori does and how it fits with SOAPA.
- Randori customers.
- What they help organizations find and what they do with these findings.
- How Randori can support and act as a superset for the MITRE ATT&CK framework (MAF).
Part 2:
- How Randori tools can help CISOs and even CEOs identify cyber risk and put intelligent plans in place for risk mitigation.
- Randori platform.
- How Randori can help organizations streamline and automate security operations.
- The future of SOAPA.

Stu Bradley, VP of Fraud and Security Intelligence, SAS Software | July 2019
Part 1:
- SAS’s role in cybersecurity.
- SAS customers.
- It’s all about the data.
- Risk management.
Part 2:
- Cybersecurity analytics readiness.
- The cybersecurity skills shortage and its impact on security analytics.
- The future of SOAPA.

Dimitri Vlachos, VP of Marketing, Devo | April 2019
Part 1:
- Benefits of a cloud-based security analytics architecture.
- Data elements.
- Data privacy.
Part 2:
- Devo use cases.
- Devo’s security focus.
- The future of SOAPA.

Jason Rolleston, VP, Product Marketing for Security Operations, McAfee | May 2018
Part 1:
- McAfee product integration.
- The value of endpoint security data.
- McAfee endpoint policy orchestrator (ePO).
Part 2:
- Security analytics and operations.
- Advanced prevention.
- The future of SOAPA.

Paul Nguyen, VP for Product Strategy and Management, FireEye | May 2018
Part 1:
- Technology integration.
- SOAPA data.
- Helix.
- Endpoint and threat intelligence.
Part 2:
- Security operations best practices.
- The cybersecurity skills shortage.
- Changing the market perception of FireEye.
- The future of SOAPA.

Jerry Skurla, CMO, Bay Dynamics | January 2018
Part 1:
- The intersection of cybersecurity and risk.
- Collaboration between risk and security teams.
- SOAPA and GDPR.
Part 2:
- The role of machine learning.
- Bay Dynamics integration.
- The future of SOAPA.

Karim Toubba, CEO, Kenna Security | December 2017
Part 1:
- The problem with vulnerability management.
- How have organizations dealt with this situation in the past?
- How Kenna Security aligns with the SOAPA model.
- The bridge between security and IT operations.
Part 2:
- The cybersecurity skills shortage.
- Machine learning confusion.
- Technology integration.

Arabella Hallawell, VP, Corporate Strategy, Arbor Networks | November 2017
Part 1:
- The current state of DDoS attacks.
- DDoS protection within SOAPA.
- Network security analytics use cases.
Part 2:
- SOAPA technology integration.
- Coordination between security and IT teams.
- Security operations collaboration drivers.

Amos Stern, CEO, Siemplify | November 2017
Part 1:
- The rationale for security operations technology integration.
- The value of SOAPA for cybersecurity professionals.
- SOAPA and security operations processes.
Part 2:
- SOAPA must be designed to support analysts’ needs and not just technology integration.
- SIEM is a part of SOAPA but not SOAPA itself.
- What about security operations automation and orchestration?

P.J. Bihuniak, COO, Theta-Point | October 2017
Part 1:
- Why is SOAPA relevant today?
- Are there consistent security operations issues amongst enterprise organizations?
- What’s with the growth of security data?
Part 2:
- The role of SIEM in SOAPA.
- The impact of the cybersecurity skills shortage on security operations.
- The need for SOAPA.

Sean Convery, VP and GM, Security Business Unit, ServiceNow | October 2017
Part 1:
- Cybersecurity and IT collaboration.
- Vulnerability management.
- Security processes.
Part 2:
- The purpose of a security operations architecture like SOAPA.
- How ServiceNow approaches SOAPA.
- Lessons learned.

Mike Banic, VP of Marketing, Vectra Networks | September 2017
Part 1:
- Why network telemetry is so important for security analytics.
- SOAPA integration.
- Adding value to the SIEM.
- What about the cybersecurity skills shortage?
Part 2:
- Machine learning.
- Integration with cyber threat intelligence (CTI).
- Other technology integration.

Rick Caccia, CMO, Exabeam | June 2017
Part 1:
- As a former employee of SIEM pioneer ArcSight, Rick has lots of experience and opinions about the history of security operations, what worked and what didn’t in the past, and the reasons why SOAPA aligns so well with enterprise security requirements today.
Part 2:
- Market confusion around machine learning/artificial intelligence for security analytics.
- How user behavior analytics (UBA) evolves into SOAPA.
- Security operations automation and orchestration.
- SOAPA integration.

Haiyan Song, SVP, Security Markets, Splunk | May 2017
Part 1:
- SIEM’s role within SOAPA.
- Splunk as an ecosystem.
- Customers want help with incident response.
- SOAPA benefits.
Part 2:
- Splunk’s Adaptive Response.
- Splunk’s SOAPA ecosystem.
- Splunk on the industry activity around incident response.

Mike Viscuso, CTO, Carbon Black | April 2017
Part 1:
- In this first of a two-part video series, Mike Viscuso, Carbon Black’s Chief Technology Officer, and I begin to explore the expansive topic of employing a security operations and analytics platform architecture (SOAPA) to operationalize security analytics.
Part 2:
- In this second of a two-part video series, Mike Viscuso, Carbon Black CTO, and I pull on more SOAPA (security operations and analytics platform architecture) threads, including the role of SIEM in the next-gen SOC.

Marc van Zadelhoff, General Manager, Security, IBM | March 2017
Part 1:
- Why SOAPA?
- How does IBM communicate the SOAPA concept to potential customers?
- Does IBM see SOAPA like the transition from departmental applications to ERP in the 1990s?
- Is it time for the security industry to rally around some type of common SOAPA standards?
Part 2:
- SOAPA drivers.
- SOAPA must supplement people with integration and intelligence.
- What about the need for SOAPA scale?