Automation and Orchestration in Cyber Incident Analysis

We are happy to invite you to our event “Automation and Orchestration in Cyber Incident Analysis” on the 16th of June, starting at 16:30.

Register here: https://bit.ly/3NCQ1wN


In a short demonstration, we will tell you more about SIEM (security information and event management) and SOAR (security orchestration, automation, and response), emphasizing the main similarities and differences between the two. We will highlight the important sources of information and how they are analyzed to detect malicious actions.

The demonstration covers what happens during an incident in a controlled environment and the process of subsequent analysis. The analytical tools will be QRadar and IBM.

The demonstration will focus on the possibilities for automation and integration with other platforms and will show in detail the characteristics of the incident, the opportunities for accountability of the decision, and good practices.
Our goal is for more and more organizations to thrive in the digital environment effectively and defend themselves against cyber threats.


1. What is SIEM (security information and event management)?
2. What is SOAR (security orchestration, automation, and response)?
3. Practical Demo – similarities and differences between SIEM and SOAR


The event is suitable for executives and experts with a focus on information technology and cybersecurity.


Alexander Tzokev is our Cybersecurity Center Manager. He is a Cisco-certified speaker with more than 20 years of experience in the field of cybersecurity and the author of the first Bulgarian book on ethical hacking.

Boris is an information security professional with a focus on threat hunting and advanced security platform administration and monitoring. As a member of the ASOC team, he participates in incident triage and vulnerability assessments and coordinates the implementation of a variety of security-related policies and training.

We will be expecting you!