Webinar

Why a G2000 Firm Implemented CDR for Its Next-Generation SOC

Thursday, March 26, 2024

11:00 AM - 12:00 PM EST

60 minutes, including Q&A

View Recording

For security operations and incident response teams, multi-cloud environments (AWS, Azure, GCP, Okta, etc.) generate massive amounts of rich telemetry – but cloud detection, investigation, containment, and forensics can be challenging with traditional SOC tools. Not to mention the cost and complexity of log ingestion and enrichment.

Led by David Corral, the Global Head of Cybersecurity Architecture for Repsol, a Global 2000 multi-energy company, this educational webinar will explore why Repsol chose Gem's agentless cloud detection and response (CDR) platform to help transform its next-generation SOC for multi-cloud.

Joined by Gem's CTO, David will describe how the platform:

  • Continuously pulls all of Repsol's cloud logs into a scalable data lake and correlates events across the control, identity, compute, data, and network planes.
  • Increases effectiveness of cloud threat detection by combining detection rules/IOCs with a proprietary cloud UEBA model to filter out noise and detect truly anomalous behavior (IOBs).
  • Addresses gaps not covered by shift-left CNAPP/CSPM tools which are focused on vulnerabilities and compliance vs. helping SecOps teams identify and mitigate active attacks.
  • Provides cloud-native defenses including automated containment actions (deactivating access keys, isolating instances, etc.) and extraction/analysis of cloud forensic artifacts.
  • Addresses gaps not covered by shift-left CNAPP/CSPM tools focused on vulnerabilities and compliance rather than helping SecOps teams identify and mitigate active attacks.

Sponsored by:

Gem Security

Speakers

David Corral

IT/OT Head of Cybersecurity Architecture

Repsol

With nearly 20 years of experience, David manages a global team in charge of analyzing global cybersecurity risks and requirements for the company's digital transformation initiatives and platforms, along with defining the architecture and ecosystem of cybersecurity solutions to address these requirements. His team also implements new projects and services to improve cybersecurity across all cyber specialties in the organization. An engineer by training, David holds a master's degree in information security management and a master's degree in business administration, along with multiple industry certifications including CISSP, CISM, GICSP, and CCISO.

Ron Konigsberg

CTO & Co-Founder

Gem Security

Ron leads technology, innovation, and engineering at Gem Security, the cloud detection and incident response company recognized by Gartner as a Cool Vendor in Modern Security Operations. Prior to Gem, he was Chief Architect and Chief Growth Officer at Singular, a cloud-native data analytics company. Ron started his career as a software developer and team leader in the cyber division of the 8200 unit of the IDF. Ron holds an MSc in Computer Science and Machine Learning from Bar-Ilan University and a BSc in Computer Science from the College of Management Academic Studies, where he graduated with honors.

Terry Sweeney

Moderator

Black Hat

Terry Sweeney is a Los Angeles-based writer and editor who's covered business technology for three decades. He's written about cyber security for more than 15 years and was one of the founding editors of Dark Reading. Sweeney has covered enterprise networking extensively, as well as its supporting technologies like storage, wireless, cloud-based apps and the emerging Internet of Things. He's been a contributing editor to The Washington Post, Crain’s New York Business, Red Herring, Information Week, Network World, SearchAWS.com, and Stadium Tech Report.

Upcoming Events

Blog

Stay Connected

Sign up to receive information about upcoming Black Hat events including Briefings, Trainings, speakers, and important event updates.

Review Board

Training Review Board

Sustaining Partners