SOAPA

Security Operations and Analytics Platform Architecture

Industry Leaders Discuss SOAPA

Security technology vendors are bullish on SOAPA and have strong opinions about how SOAPA can impact security operations. In this video series, Jon Oltsik and Doug Cahill explore the concepts, deployment, and future of SOAPA with industry leaders.

logo

Anton Chuvakin, Head of Solution Strategy, Google Chronicle | October 2020

 

Part 1:

  • Detection as code.
  • SOC nuclear triad progression.
  • New data sources.
  • XDR.
 

Part 2:

  • Security data.
  • Common Chronicle use cases.
  • The tradeoff between security efficacy and complexity.
  • SOC modernization.
  • The future of SOAPA.


logo

Sam Curry, CSO, Cybereason | August 2020

 

Part 1:

  • Why EDR?
  • EDR as part of SOAPA.
  • EDR for “low and slow” attack detection.
  • SOAPA integration.

Part 2:

  • This newish thing called XDR.
  • What about analytics?
  • The Cybereason ASOC concept.
  • The future of SOAPA.


logo

Dave Gruber, Senior Analyst, ESG | June 2020

 

Part 1:

  • The role of EDR.
  • EDR integration.
  • EDR adoption.
  • EDR vs. MDR.
 

Part 2:

  • The definition of XDR.
  • Whether XDR is a product or an architecture.
  • Where XDR is today.

 

Part 3:

  • XDR deployment models.
  • Who needs XDR?
  • XDR and the SOC.
  • The future of SOAPA and XDR.


logo

Hugh Njemanze, CEO, Anomali | June 2020

 

Part 1:

  • Security operations difficulties.
  • Issues around alert fatigue and keeping up with security threats.
  • Operationalizing threat intelligence.
  • Skills requirements for threat intelligence analysis.
 

Part 2:

  • The impact of COVID-19.
  • Security operations technology integration.
  • Security operations in the cloud.
  • The future of security operations.


logo

David Wolpoff, CTO and Co-founder, Randori | December 2019

 

Part 1:

  • What Randori does and how it fits with SOAPA.
  • Randori customers.
  • What they help organizations find and what they do with these findings.
  • How Randori can support and act as a superset for the MITRE ATT&CK framework (MAF).
 

Part 2:

  • How Randori tools can help CISOs and even CEOs identity cyber risk and put intelligent plans in place for risk mitigation.
  • Randori platform.
  • How Randori can help organizations streamline and automate security operations.
  • The future of SOAPA.


logo

Stu Bradley, VP of Fraud and Security Intelligence, SAS Software | July 2019

 

Part 1:

  • SAS’s role in cybersecurity.
  • SAS customers.
  • It’s all about the data.
  • Risk management.
 

Part 2:

  • Cybersecurity analytics readiness.
  • The cybersecurity skills shortage and its impact on security analytics.
  • The future of SOAPA.


logo

Dimitri Vlachos, VP of Marketing, Devo | April 2019

 

Part 1:

  • Benefits of a cloud-based security analytics architecture.
  • Data elements.
  • Data privacy.
 

Part 2:

  • Devo use cases.
  • Devo’s security focus.
  • The future of SOAPA.


logo

Jason Rolleston, VP, Product Marketing for Security Operations, McAfee | May 2018

 

Part 1:

  • McAfee product integration
  • The value of endpoint security data
  • McAfee endpoint policy orchestrator (ePO)
 

Part 2:

  • Security analytics and operations
  • Advanced prevention
  • The future of SOAPA


logo

Paul Nguyen, VP for Product Strategy and Management, FireEye | May 2018

 

Part 1:

  • Technology integration.
  • SOAPA data.
  • Helix.
  • Endpoint and threat intelligence.
 

Part 2:

  • Security operations best practices
  • The cybersecurity skills shortage
  • Changing the market perception of FireEye
  • The future of SOAPA


logo

Jerry Skurla, CMO, Bay Dynamics | January 2018

 

Part 1:

  • The intersection of cybersecurity and risk.
  • Collaboration between risk and security teams.
  • SOAPA and GDPR.
 

Part 2:

  • The role of machine learning.
  • Bay Dynamics integration.
  • The future of SOAPA.


logo

Karim Toubba, CEO, Kenna Security | December 2017

 

Part 1:

  • The problem with vulnerability management.
  • How have organizations dealt with this situation in the past?
  • How Kenna Security aligns with the SOAPA model.
  • The bridge between security and IT operations.
 

Part 2:

  • The cybersecurity skills shortage.
  • Machine learning confusion.
  • Technology integration.


logo

Arabella Hallawell, VP, Corporate Strategy, Arbor Networks | November 2017

 

Part 1:

  • The current state of DDoS attacks.
  • DDoS protection within SOAPA.
  • Network security analytics use cases.
 

Part 2:

  • SOAPA technology integration.
  • Coordination between security and IT teams.
  • Security operations collaboration drivers.


logo

Amos Stern, CEO, Siemplify | November 2017

 

Part 1:

  • The rationale for security operations technology integration.
  • The value of SOAPA for cybersecurity professionals.
  • SOAPA and security operations processes.
 

Part 2:

  • SOAPA must be designed to support analysts’ needs and not just technology integration.
  • SIEM is a part of SOAPA but not SOAPA itself.
  • What about security operations automation and orchestration?


logo

P.J. Bihuniak, COO, Theta-Point | October 2017

 

Part 1:

  • Why is SOAPA relevant today?
  • Are there consistent security operations issues amongst enterprise organization?
  • What’s with the growth of security data?
 

Part 2:

  • The role of SIEM in SOAPA.
  • The impact of the cybersecurity skills shortage on security operations.
  • The need for SOAPA.


logo

Sean Convery, VP and GM, Security Business Unit, ServiceNow | October 2017

 

Part 1:

  • Cybersecurity and IT collaboration.
  • Vulnerability management.
  • Security processes.
 

Part 2:

  • The purpose of a security operations architecture like SOAPA.
  • How ServiceNow approaches SOAPA.
  • Lessons learned.


logo

Mike Banic, VP of Marketing, Vectra Networks | September 2017

 

Part 1:

  • Why network telemetry is so important for security analytics.
  • SOAPA integration.
  • Adding value to the SIEM.
  • What about the cybersecurity skills shortage?
 

Part 2:

  • Machine learning.
  • Integration with cyber threat intelligence (CTI).
  • Other technology integration.


logo

Rick Caccia, CMO, Exabeam | June 2017

 

Part 1:

  • As a former employee of SIEM pioneer ArcSight, Rick has lots of experience and opinions about the history of security operations, what worked and what didn’t in the past, and the reasons why SOAPA aligns so well with enterprise security requirements today.
 

Part 2:

  • Market confusion around machine learning/artificial intelligence for security analytics.
  • How user behavior analytics (UBA) evolves into SOAPA.
  • Security operations automation and orchestration.
  • SOAPA integration.


logo

Haiyan Song, SVP, Security Markets, Splunk | May 2017

 

Part 1:

  • SIEM’s role within SOAPA.
  • Splunk as an ecosystem.
  • Customers want help with incident response.
  • SOAPA benefits.
 

Part 2:

  • Splunk’s Adaptive Response.
  • Splunk’s SOAPA ecosystem.
  • Splunk on the industry activity around incident response.


logo

Mike Viscuso, CTO, Carbon Black | April 2017

 

Part 1:

  • In this first of a two-part video series, Mike Viscuso, Carbon Black’s Chief Technology Officer, and I begin to explore the expansive topic of employing a security operations and analytics platform architecture (SOAPA) to operationalize security analytics.
 

Part 2:

  • In this second of a two-part video series, Mike Viscuso, Carbon Black CTO, and I pull on more SOAPA (security operations and analytics platform architecture) threads, including the role of SIEM in the next-gen SOC.


logo

Marc van Zadelhoff, General Manager, Security, IBM | March 2017

 

Part 1:

  • Why SOAPA?
  • How does IBM communicate the SOAPA concept to potential customers?
  • Does IBM see SOAPA like the transition from departmental applications to ERP in the 1990s?
  • Is it time for the security industry to rally around some type of common SOAPA standards?
 

Part 2:

  • SOAPA drivers.
  • SOAPA must supplement people with integration and intelligence.
  • What about the need for SOAPA scale?