ExtraHop Interactive Presentation presented at CyberSecuritySummitAtlanta 2019

by Matt Cauthorn,

Summary: Improved breach detection and threat response are good reasons to up-level your security operations center (SOC) from basic monitoring and response to advanced analytics and threat hunting. Automation and orchestration of tedious steps and workflows can increase SOC incident capacity, focus resources, and shorten time to resolution. Effective strategies reduce false positives, blind spots, and data silos to create headroom for more proactive SOC activities: the elusive next-gen SOC. Learn ways to apply automation to the NIST 800 framework, from better preparation using dynamic discovery, automated classification of critical assets, and behavioral baselining, to anomaly-driven threat detection and real-time investigations.