IBM Security QRadar SOAR

 View Only

Why our User Groups in Europe were so valuable to the Resilient Roadmap and our client’s future

By Allen Rogers posted Thu April 25, 2019 04:10 PM

  

Picture1.png

Resilient's Spring European User Group pulled together an impressive collection of cybersecurity veterans from some of the world’s premier organizations. It resulted in four days, between Zurich and London, of intense collaboration and sharing of innovative ideas. I came away with a new appreciation for the potential of the Resilient platform after witnessing how our clients are leveraging it in truly creative ways to help optimize their SOC and other processes. 

 

Roadmap affirmation (and gaps)

A good deal of time was spent discussing the advancements and features delivered over the previous year as well as the upcoming roadmap. Regarding recently released capabilities, there was a great deal of discussion among the clients about how these new features have been leveraged, as well as limitations which were encountered and suggestions about how to extend or improve them. 

 

As always, there were many suggestions for modifications or features to be added to the upcoming roadmap. These were discussed energetically as a group and will be fed back into our prioritization process. But as a whole, I would say that there was strong affirmation of our strategy and roadmap.

 

 

Automation in the Context of the Human Process

One suggestion that emerged from the conversations was that more mature cybersecurity teams are looking for a seamless way to marry their optimized human processes with the acceleration afforded by technology automation. It was emphasized that these two aspects need to be orchestrated in a single comprehensive platform to maximize effectiveness and visibility. Without that integrated view and interplay between analyst and technology the result would be muted. Many of the discussions centered around techniques and best practices for achieving this orchestration on the Resilient platform.

  

Privacy Module is Coming of Age

I was encouraged by the increased interest in, and utilization of, our data breach compliance module. In the discussions it became clear that this is an increasingly important and challenging issue for our clients. It was also clear that these breach compliance issues were traditionally handled by a separate team in a different silo, and the trend is to bring these two groups closer together and establish better communication and collaboration between them. Some teams were already successfully using the Resilient platform and its adaptive role-based access control capabilities to achieve this collaboration, while many others were eager to learn from their experiences and bring that back to their organizations. 

 

Focus on Deployment, Manageability, HA/DR, and Scale for our Clients

A more prominent topic this year centered around non-functional features such as enterprise deployability, manageability, scalability, etc. Organizations are beginning to significantly scale up their utilization of the platform in terms of the number of use cases driven through it, the number of individuals interacting with the platform, and the amount of automation driven by it. As a result, it highlights the criticality of Resilient to their business. With that comes the increased scrutiny around how the system is deployed, managed and monitored. There were many ideas discussed on how to make those features easier and more effective for our clients. These are all being considered and worked into our roadmap. 

 

All in all, the European Resilient Users Group meeting was an amazing experience and a huge success. There is nothing more powerful than the open exchange of ideas and experiences among experts in their field to open your mind and drive creativity and innovation. I know I learned a great deal. I'd like to thank all those who gave their time to make this such a positive and powerful experience. 

0 comments
23 views

Permalink