The Future is Now: Embracing Detection Engineering for Incident Response

Adversaries are highly motivated, constantly expanding and improving their tools and techniques. On the other side of the fight, security teams are facing a severe resource shortage. There are more open positions than people to fill them, and on top of that, it is difficult to find talent with the required skills.

Although there are many signals for improving detection and making triage more efficient, security teams are overwhelmed with data, which creates a bottleneck that keeps the decision-making process from scaling. The result is low performance, reflected in measurements such as MTTD (Mean Time To Detect) and MTTR (Mean Time To Respond).

As time goes by, cyber attacks are rising, the attack surface is growing, and security teams’ difficulties are becoming even more painful. The detection engineering approach has arisen from this challenge.

Join us to learn more about SecOps and detection engineering. We will walk through the NIST (National Institute of Standards and Technology) incident response process lifecycle and present automation-based solutions that will help you scale up performance and overcome the gaps created by different pain points along the incident response process.