Supposedly, there's a shortage of Information Security professionals. Some people agree while others disagree. However, there is one thing most infosec professionals will agree on… and that is the fact that we all run around like our hair is on fire because we don't have enough resources to accomplish everything that needs to get done. I know this is the case for most infosec people I talk to. Even if we get an additional headcount, our list of compliance checkboxes, projects, and daily responsibilities keep growing at a phenomenal pace. How do we keep up with this fast-paced growth, insane workload, alerts out our ears and no end in sight? One of the best ways to make a big impact is through automation. Whether you have a massive budget or no budget at all, I will discuss your options and how to start the automation journey… or improve upon what you already have. I'll talk about using existing tools, creating your own scripts, using API's and even the latest fad in security automation, SOAR (security operations analytics and reporting). We will discuss how to determine what you should automate first, automation use cases in infosec, and how to tell if there’s something you shouldn’t automate. Let's face it, we are over tooled and understaffed… We need automation to help us out.

Eric Waters has been an Information Technology professional for over 20 years. He has a Bachelor's degree in Information Security, GPEN, and is a member of the GIAC advisory board. He worked his way up through the ranks from helpdesk to systems engineer and then spent almost 10 years in technology management before deciding to concentrate on Information Security full time. Eric has worked on a wide breadth of projects which range from internal penetration tests to SIEM tuning and vulnerability management. He enjoys reading, writing code, running, and spending time with his family.

Back to SecureWV 2017 video list