In this session we will explore the value that the addition of Security Orchestration Automation and Response (SOAR) capabilities can have to help organizations be nimble to an ever-evolving threat landscape.

As part of the Fortinet Security Fabric, FortiSOAR allows SOC teams to create a custom automated framework that pulls together all of the organization's security tools to eliminate alert fatigue and reduce context switching. We  will go over what an example attack looks like and how FortiSOAR can not only make it easier to respond to this threat, but also achieve greater clarity on what the purpose or goal of the attack may be. We will also highlight the connections into the Fortinet Fabric as well as a wide variety of 3rd party vendors.

In this session we demonstrate:

• How to Extract IOC when looking at a specific attack
• Look for Secondary correlation, to discover threats hidden in the “noise"
• Examine Dashboards and run Playbooks
• Show how we can enhance collaboration in a SOC environment
• Establish connections for both sources of data and systems to reach out to for action with connectors.