Tim Stahl, Director of Field Threat Engineering, ReversingLabs
Security teams struggle with alert fatigue caused by a variety of factors, which impacts the overall security posture of an enterprise. Too much time is wasted chasing false positives and investigating anomalies that turn out to be normal application behaviors.
The information provided by software supply chain security during the normal application review process can aid security teams long term by helping tune alerts before software is deployed, or address specific concerns or risks with extra layers of detections as needed.
This addition to the application review process can lead to significant resource savings, and increased network security.
Key episode takeaways:
✓ Enterprise security team pain points related to detections and false positives
✓ Identifying behaviors likely to trigger host based security alerts
✓ Reviewing network traffic elements for inclusion in relevant allow lists across security applications and appliances