Using External Lookups to Increase the Alert Fidelity

Wednesday, 15 Dec 2021 12:00PM EST (15 Dec 2021 17:00 UTC)
Speaker: Chas Clawson

Low alert fidelity leads to high alert fatigue. We will discuss some techniques driving towards more true positives and more actionable alerts through external lookups, enrichments and entropy calculations.

n this session, we'll discuss:

Making better use of threat intelligence
Leveraging Alexa rankings and domain age
Calculating Entropy Scores on domain names to detect DGA
Tried and true geo-location lookups within a SIEM

Login to Register

Sponsor

Related Content

Security Awareness, Cybersecurity Leadership, Cloud Security, Open-Source Intelligence (OSINT), Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting, Cybersecurity and IT Essentials, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, CyberLive, Workforce Development, Career Development, Why Certify, Imposter Syndrome, NetWars, Mentorship, Job Hunting, Operating System & Device In-Depth, Artificial Intelligence (AI)

A Visual Summary of SANS New2Cyber Summit 2024

Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2024

Offensive Operations, Pen Testing, and Red Teaming, Cyber Defense, Cybersecurity and IT Essentials, Open-Source Intelligence (OSINT), Digital Forensics, Incident Response & Threat Hunting

A Visual Summary of SANS New2Cyber Summit 2023

Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2023

Cyber Defense, Open-Source Intelligence (OSINT)

September 9, 2021

A Visual Summary of SANS Blue Team Summit 2021

SANS Blue Team Summit was a free, global, virtual event for the community. Check out the graphic recordings created in real-time during the event.