CSN02: Threat Response Triage System

Document created by jmerrill on Sep 12, 2010. Last modified by jmerrill on Jul 8, 2014.
Version 2

Threat Response Triage System
Mark Runals, Network/System Analyst, Battelle
Level: Basic
One of the challenges faced by companies that don’t have a 24x7 SOC is prioritizing investigative time. Attend this session and see the Battelle solution that triages systems exhibiting anomalous behavior without relying on extensive or rigid use cases built around a pre-defined chronological order of events. Highlights include how to scale with available hours, how to quickly add or remove use case triggers, and how to modify individual use case triggers independently of others.