Analysts are well aware of the need for an evidence-based toolset. Being able to investigate alerts and find the data needed to inform resolution and remediation is key. Despite that, many SOCs still struggle to work through ever-increasing volumes of alerts and detections. Even when some detections are known to have false positive rates in the high 90% range, they remain in place, just in case. We will be discussing how organisations can start to pivot away from a reactive, alert-driven approach, progressively replacing those ineffective detections with evidence-based threat hunts, increasing analyst efficiency and improving awareness as they go.
Director of Sales Engineering for EMEA and APAC, Corelight
Matt has specialised in cyber security for over 15 years across endpoint, network and user technologies, and has led teams in product management, product marketing and technical sales. With previous roles at Symantec, LogRhythm and BAE Systems, Matt's extensive experience has allowed him to work with numerous organisations across EMEA and APAC, helping them understand how best to address their security challenges.
Corelight provides security teams with network evidence so they can protect the world's most critical organizations and companies.