How the new Preemptive Incident Response methodology can slash end-to-end IR time for SOC teams to minutes and solve alert fatigue

  • Tuesday, March 14th, 2017 at 3:00 PM EST (19:00:00 UTC)
  • Gil Barak and John Pescatore
This webcast has been archived.

Sponsor

  • SECDO

Overview

The SOC is doing its best to cope with the everyday deluge of alerts, but the sheer numbers are overwhelming. It is becoming increasingly difficult to investigate, validate and remediate accurately. Even as we continue to grow the SOC, amass great expertise, and buy another round of detection solutions, we waste time on false positives, miss real threats and take longer to respond.

By adopting the Preemptive Incident Response (PIR) methodology - proactively anticipating and preparing for threats BEFORE they happen - enterprises can boost the effectiveness of the SOC. PIR involves automated, continuous evidence collection and context establishment that lead to speedy investigation and highly accurate threat validation. Complemented by a suite of highly precise remote tools, PIR speeds the process of remediation while maintaining business productivity.

In this webinar you will learn about:

  • Preemptive Incident Response - the proactive methodology for preparing for inevitable hordes of incidents before they occur
  • Continuous forensic data collection and placing of all activities and events in context
  • Correlation of alerts with their already-established context
  • Automated investigation and validation to multiply many times the number of alerts that analysts can handle
  • Quantum leap in remote remediation capabilities

Speaker Bios

Gil Barak

Gil Barak is Co-Founder and Chief Technology Officer of SECDO Ltd. For the last 15 years, Gil has played both offense and defense in the cyber security field. After serving in the Intelligence unit 8200, Gil was a software architect at Apple and a private consultant to Fortune 500 companies such as Amazon and Texas Instruments, as well as the Israel Ministry of Defense.


John Pescatore

John Pescatore joined SANS as director of emerging security trends in January 2013 after more than 13 years as lead security analyst for Gartner, 11 years with GTE, and service with both the National Security Agency, where he designed secure voice systems, and the U.S. Secret Service, where he developed secure communications and voice systems "and the occasional ballistic armor installation." John has testified before Congress about cyber security, was named one of the 15 most-influential people in security in 2008 and remains an NSA-certified cryptologic engineer.
