So Many Tools So Little Time: Optimizing Threat Intelligence Effectiveness for SOC Teams



The events of 2020 have forced security teams to address the challenges of securing a hugely expanded work-from-home (WFH) workforce. These same unsure WFH employees face rapid growth in attacks on remote access and collaboration systems and are being targeted with sophisticated phishing attacks. All this comes while the security operations team itself has to maintain productivity in a distributed, WFH environment.

 

There is no single piece of technology that solves these problems. Security Operations Center (SOC) teams are reacting to this new normal with many tools to address the increased demands and time challenges. Accurate and timely threat information can act as a key force multiplier for security teams with limited staff, but the reality is that almost all organizations will use multiple tools from multiple sources. The key to effective use is the ability to integrate and assess the threat information rapidly, so that timely action can be taken before the business or the customer is impacted.

 

Topics covered in this webcast will include:

 

  •  Collecting threat intel from your existing tools
  •  Identifying threat intel in the wild
  •  Leveraging OSINT tools
  •  Introduction of the Anomali Lens browser plugin

Learn how to optimize your SOC team's time while you navigate this high-pressure environment.

Speaker and Presenter Information

John Pescatore

 

John Pescatore joined SANS as director of emerging security trends in January 2013 after more than 13 years as lead security analyst for Gartner, running consulting groups at Trusted Information Systems and Entrust, 11 years with GTE, and service with both the National Security Agency, where he designed secure voice systems, and the U.S. Secret Service, where he developed secure communications and surveillance systems and "the occasional ballistic armor installation." John has testified before Congress about cybersecurity, was named one of the 15 most-influential people in security in 2008 and is an NSA-certified cryptologic engineer.

 


Scott Dowsett

 

Scott holds the position of VP of Worldwide Sales Engineering at Anomali. He has over 20 years of experience in the field of cybersecurity and computer networking. Previously, Scott worked as a Senior Pre-Sales Engineer at Intel Security supporting multiple regions specializing in WEB, DLP, SIEM, Firewall, IPS and Advanced Threat Detection products. Prior to joining Intel Security, Scott was a part of Nortel Networks and held various sales engineering roles in support of broadband, enterprise, and security products. Scott holds the Certified Information Systems Security Professional (CISSP) certification from the International Information System Security Certification Consortium as well as the Certified Information Systems Auditor (CISA) certification from the Information Systems Audit and Control Association. In addition, he is also certified in Risk and Compliance.

Relevant Government Agencies

DOD & Military, Federal Government, State & Local Government


Event Type
Webcast


This event has no exhibitor/sponsor opportunities


When
Thu, Aug 20, 2020, 1:00pm - 2:00pm ET


Cost
Complimentary: $0.00




Event Sponsors

Anomali


Organizer
SANS

