January 17, 2022

SOAR - a first principle idea.

18 minutes

Rick explains the network defender evolution from defense-in-depth in the 1990s, to intrusion kill chains in 2010, to too many security tools and SOAR in 2015, and finally to devsecops somewhere in our future.

Resources:

“Cybersecurity First Principles: DevSecOps.” by Rick Howard, CSO Perspectives, The CyberWire, 8 June 2020.

“FAQ,” RSA Conference, 2020.

"Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains,” by Eric Hutchins, Michael Cloppert, Rohan Amin, Lockheed Martin Corporation, 2010, last visited 30 April 2020.

“Malware? Cyber-crime? Call the ICOPs!” by Jon Oltsik, CSO, Cybersecurity Snippets, 22 June 2015.

“Market Guide for Security Orchestration, Automation and Response Solutions,” by Gartner, ID G00727304, 21 September 2020.

“MITRE ATT&CK,” by Mitre.

“The Cybersecurity Canon: The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win,” book review by Rick Howard, Palo Alto Networks, 21 October 2016.

“The Cyber Kill Chain is making us dumber: A Rebuttal,” by Rick Howard, LinkedIn, 29 July 2017.

“The Evolution of SOAR Platforms,” by Stan Engelbrecht, SecurityWeek, 27 July 2018.

“What is SOAR (Security Orchestration, Automation, and Response)?” by Kevin Casey, The Enterprisers Project, 30 October 2020.

Learn more about your ad choices. Visit megaphone.fm/adchoices

...more

View all episodes

By N2K Networks

1313 ratings