How Network Traffic Analytics Eliminates Darkspace for the SOC

  • Thursday, 23 Aug 2018 1:00PM EDT (23 Aug 2018 17:00 UTC)
  • Speakers: Chris Crowley, Barbara Kay

The network doesn't lie. That's one reason companies are increasingly turning to their network to simplify and speed up common SOC workflows. Network Traffic Analytics (NTA) specifically addresses key SOC challenges identified in the recent SANS SOC survey: asset discovery and inventory, event correlation, and SOC/NOC integration.

The NTA category is relatively new and focuses on facilitating detection of and response to post-compromise activity, including command and control, reconnaissance, lateral movement, and exfiltration. Organizations primarily use NTA to gain visibility into East-West traffic within the environment, though it can also heighten visibility of North-South traffic traversing the perimeter. NTA tools complement log data and endpoint instrumentation with an objective view of threat behavior on the network, and dramatically reduce the time to detect and respond to threats.

In this webcast, we'll cover:

  • How your peers are using NTA technology to focus on what matters
  • The impact of forward secrecy and TLS 1.3 encryption on network analysis
  • How NTA can simplify CIS Critical Security Controls 1 and 2
  • Boosting the productivity and expertise of junior analysts
  • A live demo showing how ExtraHop Reveal(x) speeds key workflows