Experts Panel - Beyond SIEM: Enterprise Security Monitoring

Presented by

Panel: David J. Bianco, FireEye; Martin Holste, FireEye; Michael Reeves, FireEye; Ryan Stillions, FireEye

About this talk

Moderated by Richard Bejtlich, Chief Security Strategist, FireEye.

When you think of “event data”, chances are good that you think of SIEM. If so, you may be missing out on much of the value of your logs for detecting, investigating and responding to security events. Based on extensive real-world experience with large organizations, the Enterprise Security Monitoring (ESM) philosophy extends current host-, network- and event-based collection strategies, bringing data from all three domains under one roof for a unified view of what’s going on inside your organization.

In this session, our panelists will discuss key aspects of the ESM approach, including:

• Data collection priorities based on your organization’s security goals
• Enterprise-scale collection strategies
• Deriving context from events
• Integrating threat intelligence to improve detection and speed response
• Increasing your adversaries’ costs using the “Pyramid of Pain” and “Detection Maturity Level” models

This will be a very interactive session, with plenty of audience interaction. We welcome the tough questions. Come learn about a better way of fully leveraging the data you are already collecting to better protect your organization!

Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. By scaling decades of frontline experience, Mandiant helps organizations to be confident in their readiness to defend against and respond to cyber threats. Mandiant is now part of Google Cloud.