How the new Preemptive Incident Response methodology can slash end-to-end IR time for SOC teams to minutes and solve alert fatigue

  • Tuesday, 14 Mar 2017 3:00PM EST (14 Mar 2017 19:00 UTC)
  • Speakers: John Pescatore, Gil Barak

The SOC is doing its best to cope with the everyday deluge of alerts, but the sheer numbers are overwhelming. It is becoming increasingly difficult to investigate, validate and remediate accurately. Even as we continue to grow the SOC, amass great expertise, and buy another round of detection solutions, we waste time on false positives, miss real threats and take longer to respond.

By adopting the Preemptive Incident Response (PIR) methodology - proactively anticipating and preparing for threats BEFORE they happen - enterprises can boost the effectiveness of the SOC. PIR involves automated, continuous evidence collection and context establishment that lead to speedy investigation and highly accurate threat validation. Complemented by a suite of highly precise remote tools, PIR speeds the process of remediation while maintaining business productivity.

In this webinar you will learn about:

  • Preemptive Incident Response - the proactive methodology for preparing for inevitable hordes of incidents before they occur
  • Continuous forensic data collection and placing of all activities and events in context
  • Correlation of alerts with their already-established context
  • Automated investigation and validation that multiply, many times over, the number of alerts analysts can handle
  • Quantum leap in remote remediation capabilities