John Bradshaw, Director, Solutions Engineering, Acalvio
Three minutes. In general, front-line security operations analysts have three minutes to evaluate an alert on their front pane of glass and determine whether it warrants further investigation or can be dismissed as "not impactful to the organization". Your analysts must be right every single time in order to prevent a breach that could cost millions of dollars; the adversary only needs to be right one time.
This session will illustrate:
- How SOC / IR teams can utilize high-fidelity alerts such as those generated by Deception-based solutions.
- The power of correlation and data analytics to reduce the time it takes to answer basic triage questions on an alert.
- How to develop actionable visualizations that improve the hunt for adversaries in your network.