Resolution Intelligence Cloud Operationalizes Autonomic Security Operations (ASO)

Transcript of the video:

The ASO framework is comprised of four pillars, which is how protection is achievable and beneficial within the Google and Netenrich platform. This framework is comprised of an infinite loop of continuous detection and continuous response based on the four key pillars: security analytics, response orchestration and routing, data visibility, and continuous feedback.

Use Case Scenario 

Before we begin the labs, we will discuss a common situation targeting the ACME Corporation. This is a clear example of what many companies face in today's challenging and complex cybersecurity and digital operations world. The ACME Corporation is under attack and the revenue and payment systems are being targeted. As we know, critical computing assets such as payment systems must be protected and remain operational for businesses to buy, sell, and conduct their day-to-day operations. When major impacts to the business are likely or already occurring in real time to these critical assets, the correct decisions and actions must be made immediately!

Additionally, while senior leadership on the security and operations team are enjoying Thanksgiving Day, they receive an invitation to a war room informing them that a serious and complex cyber attack and threat to the business has been detected. This is critical to its biggest day of the year — Black Friday. Fortunately for the ACME Corporation, they had installed the Netenrich's Resolution Intelligence Cloud. Escalations for this severe impact were already under way and important decisions were being made in real-time, ensuring that the right people were receiving the right information at the right time.

So looking at this attack through the lens of autonomic security operations, we see that even prior to human attention, the Google and Netenrich platforms and products detected, remediated, and provided actionable intelligence. The bottom line, ACME Corporation implemented ASO in order to protect what mattered most.

Introduction to the ASO Labs

We will begin with ASO Lab 1 — "Protect what Matters Most, and an Exploration of Security Analytics." We will explore how businesses can keep their most important information and digital assets, such as revenue, cash, and payment systems, functioning before anything negative happens. We will explore how the Google and Netenrich platforms and processes keep a business up and running.

Next, we'll move on to the ASO Lab 2 — "Achieving 10x Human Scale with Response Orchestration." We will be navigating the ASO/CD/CR infinite loop and investigate the foundational principles of response orchestration. We will explore the machine learning models and policies that deliver 10x human scale effectiveness. AI-driven and robotic tasks take care of lower-level SOC functions anonymously, giving back the limited time and attention of your highly skilled cyber leaders to focus on only the most pressing and complex issues. 

In the ASO Lab 3 — "Situational Awareness with Data Visibility," we will provide a detailed exploration of how continuous detection and continuous response begin automatically with data-log telemetry ingestion. The ASO process has already begun with the creation of our data pipeline and the achievement of data visibility, driving for us "situational awareness" and focus, machine learning, modeling, and behavior analytics insights, actions, and continuous feedback and improvement. 

In our last lab, ASO Lab 4 — "Continuous Feedback is Autonomic," we will configure a hands-on exercise and gain a deep logical understanding of how Google and Netenrich Resolution Intelligence Cloud drive actionable intelligence and in the process of threat detection and response, complete the continuous feedback loop of security and operational improvement. Thanks for watching our review of Autonomic Security Operations and the introduction into the upcoming Labs presented using step-by-step instructions within the Netenrich platform.