Description:  Cyberattacks are a 24/7 reality. The complexity and growth of the enterprise estate, including infrastructure, applications, VMs, cloud, endpoints, and IoT, means the attack surface grows exponentially. Coupled with a skills shortage and resource constraints, security becomes everybody’s problem, but visibility, event correlation, and remediation are other people’s responsibility.  Effective security requires visibility – all the devices, all the infrastructure in real time – but also requires context: what devices represent a threat and what are their capabilities. All this is necessary to manage the threat the business faces and the noise multiple security tools create.

In this workshop, participants learn how FortiSIEM, the Fortinet multi-vendor security incident and events management solution, brings it all together by integrating NOC and SOC solutions to automate IT processes and security responses. Visibility, correlation, and remediation all come in a single, scalable solution. Using FortiSIEM, the complexity of managing network and security operations is reduced, freeing resources and improving breach detection. Worldwide, 80% of breaches go undetected because of skills shortage and event information noise. FortiSIEM provides the cross correlation, machine learning, and user and entity behavior analytics (UEBA) to improve overall response and effectively stop breaches before they occur.

Participants who attend this workshop will learn how to:

• Understand CMDB and FortiSIEM architecture
• Use FortiSIEM features
• Run analytic searches
• Investigate UEBA events
• Use rapid detection and remediation of security events

Use security and performance management