Intelligent Orchestration: Automating Security Incident Processing


Overview/Description

This 14-video course helps learners discover the importance of automating responses to security incidents. Examine how security information and event management (SIEM) and security orchestration, automation, and response (SOAR) are related, as well as how automation and orchestration differ. The role of playbooks and machine learning in security is also covered. Begin by taking a look at security solutions that align with business objectives, then plan how security can be implemented with DevOps. Examine the relevance of security baselines, compliance reports, and regulatory compliance. Learners can observe common security tools and techniques, explore the need for proactive security incident planning, and see how to identify security incident response processes that could be automated. Differentiate between automation and orchestration solutions in IT, and describe how SIEM allows for centralized security event monitoring. Recognize the need for automated security incident triage and response, plan the automation of security triage, and recall how playbooks create workflows that enable automated security incident responses. Finally, you will discover how machine learning can be used to identify potential security incidents.



Expected Duration (hours)
0.9

Lesson Objectives

Intelligent Orchestration: Automating Security Incident Processing

  • discover the key concepts covered in this course
  • identify security solutions that align with business objectives
  • plan how security can be implemented with DevOps
  • identify the relevance of security baselines, compliance reports, and regulatory compliance
  • recall common security tools and techniques
  • recognize the need for proactive security incident planning
  • identify security incident response processes that could be automated
  • differentiate between automation and orchestration solutions in IT
  • describe how SIEM allows for centralized security event monitoring
  • recognize the need for automated security incident triage and response
  • plan the automation of security triage
  • recall how playbooks create a workflow that enables automated security incident responses
  • describe how machine learning can be used to identify potential security incidents
  • summarize the key concepts covered in this course

Course Number
it_sainsodj_01_enus

Expertise Level
Intermediate