Alert Investigations in the SOC - Building Your Workflow

  • Wednesday, 10 Apr 2019 3:30PM EDT (10 Apr 2019 19:30 UTC)
  • Speakers: John Hubbard, Justin Henderson

SIEM Series - SIEM Enhancements and Integrations

The second part of this 3-part webcast series covers case management. Documentation is a key aspect of case management, but is far from the end goal. Ultimately, a case management system needs to provide ease of analysis in both an automated and manual fashion. In this webcast, we will be discussing how to build out an investigation workflow that helps security analysts work more efficiently with better capabilities for proper alert classification. Emphasis will be on making a case management system work on behalf of the analyst rather than the other way around.