This event has ended. Visit the official site or create your own event on Sched.
ONLINE REGISTRATION IS NOW CLOSED. Please visit us on-site during registration hours next week to get a badge.

About the CONNECT Conference:                                                        

Today’s threat landscape is broad and sophisticated, and the consequences for failing to adequately protect against threats and respond appropriately when an attack is underway are far reaching. SecureAuth and Core Security deliver to enterprise-class organizations a discover, secure & protect, and respond capability that is only possible with vulnerability, endpoint, and network security fused with a strong identity protection framework.

Identity-based security automation is a new category that reflects the challenges of a silo’ed approach to enterprise security. Automation in the security operations center (SOC) is the inevitable result of increasingly sophisticated technologies and automation is only possible when false positive and negative results are minimal and the response action is precise and coordinated to minimize restrictions on legitimate access to enterprise resources.

SecureAuth and Core Security customers attending the CONNECT event will hear from company leaders, respected speakers, and industry peers on this new approach to the threat landscape. Product sessions will dive into details on current and future products, and research team members will be available to discuss new technologies. 


Wednesday, October 18 • 3:00pm - 3:45pm
Understanding Network Insight Integrations to Automate Containment and Kick Start Response

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Whether it’s the revered single plane of glass view in a SIEM or building an auto containment workflow for compromised devices, Network Insight admins can use built-in integrators to take action quickly or build their own with the API. With SIEM for instance, what if the view is wrong or incomplete? This can cause the response teams to spend invaluable time looking and or chasing the wrong things. It’s critical to understand how to ingest the NI outputs into your SIEM to keep things flowing smoothly. In this session we will cover the two different types of feeds and ideas on how to best incorporate them into your SIEM workflow. This session will help responders understand the Network Insight SIEM output so they can quickly understand the output and how to build SIEM workflows and dashboards to get optimal results.  Also covered will be use cases for Next Generation Firewall (NGFW), Network Access Control (NAC) and Proxy integrations.

avatar for Stephen Newman

Stephen Newman

SVP Products, Core Security & SecureAuth
Stephen Newman brings over 17 years of technology innovation and leadership to Core Security. He has designed products and product strategies for leading, innovative technologies throughout his career. Most recently as a CTO at Damballa, Stephen’s team successfully built upon the... Read More →

Wednesday October 18, 2017 3:00pm - 3:45pm EDT
Ellington Salon A