在思科 XDR 中使 R 计数翻倍：如何在 10 次点击内实现安全操作 （SecOps） 自动化（无需编写任何代码行）.pdf

1、#CiscoLive#CiscoLiveChristopher van der Made,Engineering Product Manager Cisco XDREmail:Twitter:ChriscoDevNetChriscoDevNetGitHub:https:/ the R count double in Cisco XDR:How to Automate your Security Operations(SecOps)within 10 Clicks(without Writing any Line of Code)Christopher van der MadeHalf Dutc

2、h,Half American,living in Rotterdam(NL)Studied at University of Amsterdam(NL):Major:Neuroscience,Minor:Computer ScienceMasters:Information ScienceBorn and raised in Cisco:Joined Ciscos graduate program in 2015 as Associate Systems EngineerConsulting Systems Engineer for Security in Northern Europe t

3、eam from 2016-2020Developer Advocate for Security in Developer Relations team(Cisco DevNet)from 2020-2022Engineering Product Manager for Cisco XDR(and SecureX),with focus on Automation from 2022 and onwardsHobbies:coding,brewing&drinking,cooking&eating,board sports.whoami 2023 Cisco and/or its affil

4、iates.All rights reserved.Cisco Public#CiscoLiveEnter your personal notes hereCisco Webex App Questions?Use Cisco Webex App to chat with the speaker after the sessionFind this session in the Cisco Live Mobile AppClick“Join the Discussion”Install the Webex App or go directly to the Webex spaceEnter m

5、essages/questions in the Webex spaceHowWebex spaces will be moderated by the speaker until June 9,2023.12344https:/ 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicDEVNET-22144#CiscoLive 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicAgendaThreat Hunting and Incide

6、nt ResponseWhat,When and How to AutomateConcrete Demos:Ground Rules for Click TrackingDemo#1:EDR-Contain Incident:AssetsDemo#2:Cisco XDR Automatically Assign Incident to UserDemo#3:Secure Endpoint-Isolate Host with tier 2 ApprovalConclusion and next steps for youDEVNET-22145#CiscoLive 2023 Cisco and