Automating IT Security: Letting Security Analysts Be Analysts

Tuesday, May 14 | 1:00PM–2:00PM CT | Montreux, Second Floor Event Centre
Session Type: Breakout Session
Delivery Format: Interactive Presentation
The tools and appliances available within the IT landscape have expanded the analysis and monitoring capabilities available to IT security personnel. However, these tools (FireEye, Nessus, Rapid7, Bro/Zeek and Kibana) rarely integrate with each other. We'll share how the Virginia Tech IT Security Office has developed several web applications that leverage the APIs of these security appliances, Google Drive, and ServiceNow to provide connective tissue and eliminate data entry and tedium whenever possible. Audience participation will be encouraged so that IT automation strategies, tips, and lessons can be shared and brainstormed.

Outcomes: Learn about the benefits of IT automation and integration between security appliances and incident response and notification systems * Hear from other universities and discuss strategies for automation and management buy-in * Deep dive into key API code examples, followed by a demonstration of how to integrate tools

Presenters

  • Steve Huff

    Security Analyst, Virginia Tech

Resources & Downloads

  • Automating IT Security Letting Security Analysts Be Analysts Steve Huff 2019 Powerpoint

    Updated on 11/18/2022
  • FEINT Deep Dive Text

    Updated on 11/18/2022