"So, you've got an alarm - or 400 alarms maybe, now what? Security incident investigations can take many paths leading to incident response, a false positive or something else entirely. Join this webcast to see security experts from AlienVault and Castra Consulting work on real security events (well, real at one point), and perform real investigations, using AlienVault USM as the investigative tool. Process or art form? Yes.
- Tips for assessing context for the investigation
- How to spend your time doing the right things
- How to classify alarms, rule out false positives and improve tuning
- The value of documentation for effective incident response and security controls
- How to speed security incident investigation and response with AlienVault USM
Joe, Tony and Grant, collectively known as "JTaG", have been working with packets one way or another for a combined 50 years. During their tenure at AT&T, they managed IDS for some of the world's largest companies and have used every IDS available from NetRanger to Suricata. They also stood up SIEMs capable of processing billions of events per day in their "Threat Management" SOC environment. These days, they use their powers for good, helping customers of all sizes understand the ever-changing security landscape.
There’s a multitude of ways in which attackers can get into company networks, and when they’re in, surprisingly many manage to go unnoticed for long periods of time. Why? In the beginning of a targeted attack the advantage is in the attacker’s corner, as defenders have limited ways of knowing whether they’re being targeted or not and in which ways before the attackers actually start testing their intrusion strategies. However, there’s a certain point in any attack where the defender can gain the upper hand.
Join Forrester Analyst Rick Holland and ThreatConnect Chief Intelligence Officer Rich Barger for a webinar on understanding your adversary and the importance of proper threat intelligence analysis to proactively defend your organization.
Before Spending More on Email Security, Start Here
Organizations must update legacy messaging and collaboration systems to better address the changing technology landscape, including against new threats. Since no two organizations are the same, the need for flexible, extensible software is critical to the success of any information security and technology program. Join Zimbra Security Architect Phil Pearl to learn how to improve the security and privacy of your Zimbra Collaboration deployment. He will discuss the three most important aspects of security and privacy for Zimbra Collaboration: Open source transparency and open standards, Flexible framework and modularity to support customizations.