Advanced SOCs and MSSPs and MDRs, Oh My!

Shane Harsch

Let’s talk meat and potatoes about advancing your SOC with threat hunting, threat intelligence, incident management, and live response. We will also look at how MSSPs and MDRs can make you successful (or not), and how to think about what kind of strategy you might need in today’s hyperkinetic, darkweb-laden, threat-actor-suffused, buzzword-embattled, cyber defense hot mess initiatives

This conversation is intended to:

• Outline the principles of an effective threat detection and prevention program that organizations must operationalize in the new security paradigm.
• Examine security automation and the continued role of manual analysis.
• Recommend steps to assemble security operations and mature incident response capabilities, which are prerequisites for dedicated hunting capabilities.
• Define threat intelligence in a way that is meaningful to your organization to better enable you to filter which companies and products are effective.
• Outline how to be more proactive


Speakers Bio: Shane is an Information Security professional with over 25 years of experience ranging from military to manufacturing to security consulting and professional services. He has managed and architected SOCs for the military and managed service providers and is a commissioned officer in the US Army, Military Intelligence.

Shane holds degrees in business (MBA) and computational linguistics (BA), and maintains the following certifications: Intrusion Analyst (GCIA), Incident Handling (GCIH), Enterprise Defense (GCED), and Information Security (CISSP). 
In addition to his responsibilities as a Senior Solutions Principal at RSA, Shane fosters new professionals to information security as a SANS Mentor.

View LinkedIn Profile