homepage
Open menu
Talk with an expert

Using External Lookups to Increase the Alert Fidelity

  • Wednesday, 15 Dec 2021 12:00PM EST (15 Dec 2021 17:00 UTC)
  • Speaker: Chas Clawson

Low alert fidelity leads to high alert fatigue. We will discuss some techniques driving towards more true positives and more actionable alerts through external lookups, enrichments and entropy calculations.

n this session, we'll discuss:

  • Making better use of threat intelligence
  • Leveraging Alexa rankings and domain age
  • Calculating Entropy Scores on domain names to detect DGA
  • Tried and true geo-location lookups within a SIEM
Login to Register
Webcast_Regpage.png

Sponsor

Sumo_Logic_Logo.png

Related Content

Blog
N2C_Blog_Image.png
Offensive Operations, Pen Testing, and Red Teaming, Cyber Defense, Cybersecurity and IT Essentials, Open-Source Intelligence (OSINT), Digital Forensics, Incident Response & Threat Hunting
A Visual Summary of SANS New2Cyber Summit 2023
Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2023
370x370-person-placeholder.png
Alison Kim
read more
Blog
Blue_Team_Summit_Promo_Graphic.jpg
Cyber Defense, Open-Source Intelligence (OSINT)
A Visual Summary of SANS Blue Team Summit 2021
SANS Blue Team Summit was a free, global, virtual event for the community. Check out the graphic recordings created in real-time during the event.
370x370-person-placeholder.png
Alison Kim
read more
Blog
Cyber Defense
Your SIEM Questions Answered
In this post, SANS instructors Justin Henderson, John Hubbard, and Ismael Valenzuela tackle some of the common questions they get from defenders looking to use their Security Information and Event Management (SIEM) platform as a high-impact detection tool. What are the most common complaints you...
370x370_Justin-Henderson.jpg
Justin Henderson
read more