Automating SecOps - Monitoring & Triage for EDR Events

Presented by

Tim Wenzlau, Product Manager and Mike Reynold, Product Marketing

About this talk

Endpoint Detection and Response (EDR) provides security organizations with highly accurate, detailed, low-level OS information in the form of tens of thousands of events per day. EDR is a key piece of an optimal security posture; however, monitoring it requires deep OS and security expertise to achieve a quick and effective response. Many organizations have Tier 1 analysts swiveling between consoles, generating manual queries, and incorporating other context and security events, a method that often leaves security teams with more alerts than they can manage.

By automating the monitoring and triage of EDR events with Robotic Decision Automation (RDA), security teams can focus on their response actions and other areas that reduce business risk.

In this session, you'll learn how Respond Software uses RDA to enhance EDR data by:

- Monitoring attacks in real time
- Eliminating false positives using probabilistic models
- Leveraging multiple security data sources and automated analysis

Respond Software is the cybersecurity investigation automation company and creator of the Respond Analyst, an XDR engine built to accelerate investigations for security operations teams. Defense agencies, government bodies, universities, large enterprises, and leading managed service providers use the Respond Analyst to get investigation power at machine speed. The Respond Analyst works with the broadest range of vendors, sensors, threat intelligence and data repositories in the industry to improve detection and response while raising security analyst productivity. Since its founding in 2016, Respond Software has partnered with more than 100 customers to apply data science to help security operations defend their enterprise.