Streamlining SOC Workflows with Homegrown Tools presented at BSidesPhiladelphia 2019

by Chris Dascani

Summary: At Susquehanna International Group, home-grown platforms provide the Security Monitoring and Incident Response team with powerful, effective tooling. By rolling our own code, we have created a library of platforms that allow our analysts to quickly and efficiently identify, remediate and mitigate threats to the environment. Designing our own tools allows us to fulfill our needs effectively without being constrained by platform limitations. Alec and Chris will give an overview of several in-house developed platforms, including SIG's malicious email scoping, warning and mitigation system and threat intelligence database, regression and automated blacklisting platform. Also highlighted will be a number of incident response and investigation tools that provide analysts with critical insights such as system/network activities, data loss/exfiltration, and data enrichment. Together, the suite of tools has given the Security Monitoring team an edge in their mission to protect SIG.