homepage
Open menu
Talk with an expert

Shrinking Attack Dwell Times - A Phishing Case Study Demo

  • Tuesday, 03 Oct 2017 1:00PM EDT (03 Oct 2017 17:00 UTC)
  • Speakers: John Pescatore, John Jolly

Security Operations team struggle to quickly prioritize their alert queues to find true positives and rapidly respond to minimize damage. Quickly finding the alerts that represent real attacks presenting the most risk, is key to reducing business disruption as attack surface increases with cloud and mobile, and alert surface increases with new tools like EDR.'this session will demonstrate a practical approach to accelerate this process through thoughtful automation and risk scoring using a user-submitted phishing email use case. 'Attendees will see how the attack dwell time can be compressed using a Security Automation & Orchestration platform, that leverages the existing security stack and SOC tribal knowledge.

Login to Register

Related Content

Blog
Cybersecurity and IT Essentials, Cybersecurity Insights
The ABCs of Cybersecurity
A glossary of cybersecurity terminology that will help you quickly get up to speed on the industry’s terms and meanings.
370x370_Keith-Palmgren.jpg
Keith Palmgren
read more
Blog
New2Cyber_-_Blog_-_CyberSecurity_Expertise_where_should_you_begin_-_2.jpg
Cybersecurity and IT Essentials
Cyber Security Expertise - Where Should You Begin?
Whether SEC301 Intro to Cyber Security or SEC401 Security Essentials - Network, Endpoint & Cloud is right for you, depends on your prior knowledge.
370x370_Keith-Palmgren.jpg
Keith Palmgren
read more
Blog
SANS-HBCU_square.png
Cybersecurity and IT Essentials
SANS Historically Black in Cyber: Past, Present and Future
February marks the beginning of Black History Month in the United States. President Ford declared February as “Black History Month” in 1976, but truly the start of this goes back to an idea of a Howard University Professor, Dr. Carter G. Woodson who had the idea for a celebration to acknowledge the...
Stephen Hart
read more