As cyber attacks grow more sophisticated, many organizations are investing more in incident detection and response capabilities. Event monitoring and correlation technologies and security operations are often tied to incident handling responsibilities, but the number of attack variations is staggering, and many organizations are struggling to develop incident detection and response processes that work for different situations.
In this webcast, we'll outline the most common types of events and indicators of compromise (IOCs) that naturally feed intelligent correlation rules, and walk through a number of different incident types based on these. We'll also outline the differences in response strategies that make the most sense depending on what types of incidents may be occurring. By building a smarter incident response playbook, you'll be better equipped to detect and respond more effectively in a number of scenarios.
Joe Schreiber is a Solutions Architect with AlienVault who has been doing IT security since the days of dial-up. With his team at AT&T Managed Security Services, Joe built one of the world's largest SIEM systems, bringing thousands of devices under real-time security management and monitoring more than 2 petabytes of network traffic daily. With Joe's insight and experience, this is guaranteed to be an hour well spent.