Peter | SOC | SOAR | AI

  • CEO at DTonomy
  • Has 10+ Years Of Experience
Badges
90 Points | 3 Years | Top 20
User Activity
Over 3 years ago
UEBA for firewall analytics or are you talking about anomaly detection for firewall traffic behaviors?  
Over 3 years ago
"SIEM" and "Next-Gen SIEM" are often used in marketing and may not have a clear definition. Each vendor may have their own interpretation of these terms. The main difference between SIEM and Next-Gen SIEM (often called XDR) is the responsibility for creating security…
Over 3 years ago
I noticed that you mentioned a few SOAR vendors in the list, however, I would like to bring to your attention that Critical Start, Exabeam Fusion, and McAfee ePolicy are not SOAR providers.
Over 3 years ago
There are various approaches that organizations can take to help ensure that alert severity is properly assessed and to mitigate the impact of alert fatigue. One approach is to use a standardized system for evaluating and assigning severity levels to alerts. For example,…
Over 3 years ago
Advanced SOAR. It has no-code automation but also has intelligence embedded to auto-correlate alerts like XDR does. Something between SOAR and XDR.
Over 3 years ago
@Maged Magdy agree. These playbooks are a good starting point and need to be customized. 
Over 3 years ago
An incident response playbook is a set of pre-defined steps and procedures that outline how to respond to a specific type of security incident. The playbook typically includes detailed instructions on how to identify, contain, and remediate the incident, as well as any…
Over 3 years ago
We've worked in SOC for many years. Here are a few pain points in SIEM solution purchases: Difficulty evaluating and comparing different SIEM products: With a large number of SIEM products on the market, it can be challenging for organizations to determine which product is…
Over 3 years ago
SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) are both tools used in cybersecurity to monitor and respond to security threats. However, they have different primary functions and use cases. SIEM is primarily used…
Projects
Over 3 years ago
1) Ph.D. in computer science. 2) Leader in the field of security operations analysis and data science at Microsoft. 3) Five-time patent holder. 4) Founder of DTonomy, a security orchestration and automation company.
Experience
Other Skills
ConnectWise, Elastic, DTonomy, Sumo Logic
Answers
Over 3 years ago
User Entity Behavior Analytics (UEBA)
Over 3 years ago
Security Information and Event Management (SIEM)
Over 3 years ago
IT Alerting and Incident Management
Over 3 years ago
Security Information and Event Management (SIEM)
Over 3 years ago
Security Information and Event Management (SIEM)
Comments
Over 3 years ago
Security Orchestration Automation and Response (SOAR)
About me
Interesting Projects and Accomplishments