Kroll: Frontline IR Intel for Your SOC: Faster, More Accurate Detection and Response
Threat intelligence can provide rich insight into threat actor activity but often lacks the timelines and context that come from the lessons of real-life incident investigations. Security leaders need to know how to leverage this frontline intelligence, not only to understand whether they are likely to be in a similar situation but also to know how they could take immediate action on their defenses.
In this session, Kroll expert George Glass will outline the key threats to look out for in 2023 and discuss how to use live insights from real-world incident investigations to continuously improve your organization’s day-to-day security operations and prioritize risk management plans.
- Threat intelligence drives better detection, which in turn drives better response and better threat intelligence
- How today’s threat landscape demands multi-platform support and flexibility
- Detection-as-Code can bring together logic, metadata and validation
- An effective continuous integration and continuous delivery (CI/CD) process drives threat intel quickly from the front lines into all monitored environments
- Developing and testing attack scenarios and playbooks in parallel can prepare defenders for seeing real-world events