The SecOps track focuses on automated security operations using Fortinet's Security Operations platform, emphasizing threat detection, investigation, and response through integrated security tools and playbooks.

Key Use Cases
1. Digital Risk Protection

• Platform: FortiRecon + FortiSOAR integration
• Focus: External threat landscape monitoring
• Activities: Leaked credentials, exposed services, domain threats, social media threats, CVE management

2. Anti-Phishing Operations

• Objective: Automated phishing detection and response
• Tools: FortiMail, FortiSIEM, FortiSOAR, FortiGate
• Scenario: Investigation of phishing emails with automated playbooks

3. Automatic Quarantine

• Focus: Automated threat containment
• Methods: Network isolation, endpoint quarantine, policy enforcement

4. File Retrieval and Detonation

• Platform: FortiSandbox integration with FortiSOAR
• Process: Automated malware analysis and response workflows

5. Industrial Threat Response

• Specialization: OT/ICS security
• Focus: Operational Technology and Industrial Control Systems protection
• Challenges: Physical, economic, and safety risk mitigation