Filip Stojkovski
SecOps Engineering Lead @ Snyk
Bucharest, Romania
With over 14 years in the cybersecurity field, I’ve built a career that spans roles from SOC analyst to leadership positions in security engineering, threat intelligence, detection engineering, incident response, and forensics. I’ve had the privilege of managing global teams and implementing cutting-edge security programs, always with a focus on automation to streamline and enhance security operations.
Currently, as a technical advisor, I leverage my deep expertise to help organisations tackle their most complex cybersecurity challenges. My passion for security automation has driven success in the teams I've led, turning tough situations into success stories.
Notable milestones in my career include receiving the "Threat Seekers of the Year" award and creating the LEAD Threat Intelligence Framework—both of which reflect my dedication to pushing the boundaries of cybersecurity.
Beyond my technical work, I’m committed to sharing knowledge through conference speaking engagements and my Security Automation Blog, fostering a community of learning and innovation in the field. Let's connect, learn, and build stronger defenses together.
From SOAR to AI-Driven Security: Do We Need a New Name for the Future of Automation?
In this session, I’ll walk you through the evolution of SOAR (Security Orchestration, Automation, and Response) and how vendor acquisitions have shaped its trajectory. Once a standalone solution that revolutionized security automation, SOAR is now being integrated into larger platforms, leaving many to question: is SOAR still relevant, or is it time for a new term that better reflects the power of AI and machine learning?
We’ll dive into how AI-driven technologies, such as Agentic Process Automation (APA) and agent-based workflows, could signal the next era of security automation. I’ll discuss whether we need a fresh label for these new advancements, especially with tools that are smarter, faster, and more adaptable to evolving threats.
Beyond the theory, I’ll provide real-world examples of agents that can be used in security automation, and show how they can be deployed within security environments. You'll leave with a short guide on deploying these agents effectively, along with a breakdown of the pros and cons—what works well and what challenges to watch out for.
Lastly, we’ll look at how all of this ties into the bigger picture, specifically how agent-driven automation fits with detection engineering and incident response. Expect to walk away with practical knowledge on how these technologies will reshape security operations, helping us move from reactive to proactive, intelligent security management.
Don't Build House of Cards - The Use-Case that every Threat Intel Program Needs
A Threat intel program's performance and success highly depend on the Threat Intel use-cases. Finding and creating the right ones has been one of the biggest challenges that Threat Intel teams face. To help the threat intel community tackle this problem, we have created three use-case groups: IOC Champion, SPOC (Single point of truth), and Strategic Infographic. The goal is to help deliver actionable and relevant Threat Intelligence that is tailored according to your needs.
SOC Summit 2021 - Budapest
Intelligent Threat Intel: “LEAD” Framework
“Doing” threat intelligence is important—but doing it right is critical. We have been using threat intelligence for many years as part of the SOC, incident response and threat hunting teams; these are some of the use cases that have mastered it. Applying threat intelligence outside of these use cases is where it can get problematic. This is where the LEAD framework comes into play.
Presented at RSA conference 2020, DefCamp 2019 and Fal.Con - Conference