The SOC of the Future Is Data Driven

  • Thursday, 28 Apr 2022 10:30AM EDT (28 Apr 2022 14:30 UTC)
  • Speakers: Dave Shackleford, Ed Young, Senior Product Manager, Christian Galladora, Principal Business Development Threat Intelligence Engineer

As threat data continues to amass, security operations has to work harder and faster to keep up with the growing number of threats. To gain the advantage over adversaries, it is essential for security operations to narrow their focus and streamline threat detection and response efforts. In this product review webcast, SANS Analyst Dave Shackleford explores ThreatQ, a platform designed to help teams process and refine data into intelligence, enabling them to focus on the indicators most relevant to their infrastructure and build a tactical response strategy.

Specifically, this webcast will cover the following key topics:

  • Integrating internal and external data sources, whether structure or unstructured
  • Using the DataLinq Engine to deconstruct and merge data into multidimensional relationships, using a five-stage processing pipeline
  • Working with the ThreatQ Library to automatically score and prioritize threat intelligence
  • Building investigations, with ThreatQ Investigations, that include reporting, threat hunting, and tasking in real time
  • Sharing public and custom threat intelligence through the ThreatQ Data Exchange

Sign up for this webcast today and be among the first to receive the associated product review.