Muutke küpsiste eelistusi

Security Orchestration, Automation, and Response for Security Analysts: Learn the secrets of SOAR to improve MTTA and MTTR and strengthen your organization's security posture [Pehme köide]

4.67/5 (5 hinnangut Goodreads-ist)
, Foreword by
  • Formaat: Paperback / softback, 338 pages, kõrgus x laius: 235x191 mm
  • Ilmumisaeg: 21-Jul-2023
  • Kirjastus: Packt Publishing Limited
  • ISBN-10: 1803242914
  • ISBN-13: 9781803242910
Teised raamatud teemal:
Security Orchestration, Automation, and Response for Security Analysts: Learn the secrets of SOAR to improve MTTA and MTTR and strengthen your organization's security postureSuurem pilt
  • Formaat: Paperback / softback, 338 pages, kõrgus x laius: 235x191 mm
  • Ilmumisaeg: 21-Jul-2023
  • Kirjastus: Packt Publishing Limited
  • ISBN-10: 1803242914
  • ISBN-13: 9781803242910
Teised raamatud teemal:
Püsilink: https://www.kriso.ee/db/9781803242910.html
Märksõnad:
Become a security automation expert and build solutions that save time while making your organization more secure

Key Features

Whats inside An exploration of the SOAR platforms full features to streamline your security operations Lots of automation techniques to improve your investigative ability Actionable advice on how to leverage the capabilities of SOAR technologies such as incident management and automation to improve security posture

Book DescriptionWhat your journey will look like With the help of this expert-led book, youll become well versed with SOAR, acquire new skills, and make your organization's security posture more robust. Youll start with a refresher on the importance of understanding cyber security, diving into why traditional tools are no longer helpful and how SOAR can help. Next, youll learn how SOAR works and what its benefits are, including optimized threat intelligence, incident response, and utilizing threat hunting in investigations. Youll also get to grips with advanced automated scenarios and explore useful tools such as Microsoft Sentinel, Splunk SOAR, and Google Chronicle SOAR. The final portion of this book will guide you through best practices and case studies that you can implement in real-world scenarios. By the end of this book, you will be able to successfully automate security tasks, overcome challenges, and stay ahead of threats.What you will learn

Reap the general benefits of using the SOAR platform Transform manual investigations into automated scenarios Learn how to manage known false positives and low-severity incidents for faster resolution Explore tips and tricks using various Microsoft Sentinel playbook actions Get an overview of tools such as Palo Alto XSOAR, Microsoft Sentinel, and Splunk SOAR

Who this book is forYou'll get the most out of this book if You're a junior SOC engineer, junior SOC analyst, a DevSecOps professional, or anyone working in the security ecosystem who wants to upskill toward automating security tasks You often feel overwhelmed with security events and incidents You have general knowledge of SIEM and SOAR, which is a prerequisite Youre a beginner, in which case this book will give you a head start Youve been working in the field for a while, in which case youll add new tools to your arsenal
Table of Contents

The Current State of Cybersecurity and the Role of SOAR
A Deep Dive into Incident Management and Investigation
A Deep Dive into Automation and Reporting
Quick Dig into SOAR Tools
Introducing Microsoft Sentinel Automation
Enriching Incidents Using Automation
Managing Incidents with Automation
Responding to Incidents Using Automation
Mastering Microsoft Sentinel Automation: Tips and Tricks
Benjamin Kovacevic is a cyber-security enthusiast with hands-on experience with Microsoft XDR and SIEM platforms. Currently working with Microsoft Sentinel as a Product Manager, he is focusing on the SOAR component of the solution and working on new capabilities that will help SOCs improve their investigation and response. Benjamin is constantly working to improve his knowledge about cyber-security, as well as to share knowledge about Microsoft SOAR. He is the author of Microsoft Sentinel Automation training, as well as blog posts around tips and tricks to jump-start with Microsoft Sentinel Automation. Benjamin is originally from Bosnia and Herzegovina but currently resides in Ireland with his wife and son.