Contact us if you would like to sponsor this episode

EXPERT PANELISTS
Tim Condello, Senior Customer Success Manager, Siemplify
Heather Hixon, Senior Solutions Architect, DFLabs
Lior Kolnik, Head of Security Research, Demisto
Ken Westin, Staff Security Strategist, Splunk (Phantom)
Fred Wilmot, VP, Security Engineering, Devo

MODERATOR
Sean Martin, CISSP, Founder and Editor-in-Chief, ITSPmagazine

WATCH AND LISTEN NOW

With hundreds, if not thousands of security alerts per day pouring into Security Operations Centers (SOC), security professionals are fighting a losing battle. Fortunately, tried-and-true manufacturing techniques can turn the tide. Heather Hixon of DFLabs outlines two techniques that can help even the playing field between SOCs and their adversaries.

The most successful incident response programs excel in five areas: visibility, incident management, workflows, threat intelligence, and collaboration/information-sharing. DFLabs Senior Product Manager John Moran explains what’s required to achieve excellence in each of these components from a systems level perspective.

Organizations of all sizes are vulnerable to cybersecurity threats, and they need to be able to detect indicators of compromise in order to address risks and respond to attacks. Integrating SIEM and SOAR combines the power of each to create a more robust, efficient and responsive security program – which ultimately allows security teams to avoid alert fatigue.

Threat detection relies on signatures or the correlation of system events to identify indicators of compromise (IOCs). As such, it is primarily reactive and used to verify if a breach has occurred, and to assess the scope and spread of a threat. This article explains how proactive threat hunting can address this inherent weakness in threat detection by assuming a threat or threat actor has not been detected, yet may have targeted an organization.