Prof Wool: Advanced Cyber Threat and Incident Management

Lesson 1: How to Bring Business Context into Incident Response

- cyberattack, cyber attack, cyber threat, incident resonse, Network Security, prof wool, Security Incident and Event Magement, security management, siem, splunk

Advanced Cyber Threat and Incident Management: Lesson 1

SIEM solutions collect and analyze logs generated by the technology infrastructure, security systems and business applications. The Security Operations Center (SOC) team uses this information to identify and flag suspicious activity for further investigation. In this lesson, Professor Wool explains why it’s important to connect the information collected by the SIEM with other databases that provide information on application connectivity, in order to make informed decisions on the level of risk to the business, and the steps the SOC needs to take to neutralize the attack.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Prof Wool: Advanced Cyber Threat and Incident Management

Lesson 1: How to Bring Business Context into Incident Response

Related videos

Products

Application Segmentation Using AlgoSec AutoDiscovery

Demos

AppViz Server Migration

Thought Leadership

Managing network objects in hybrid environments

Ecosystem

Application Segmentation with Cisco Tetration & AlgoSec

Prof Wool: Advanced Cyber Threat and Incident Management

Lesson 2: Bringing Reachability Analysis into Incident...

Prof Wool: Next Generation Firewalls

Lesson 4: Using Next Generation Firewalls for Cyber...

Lesson 1: How to Bring Business Context into Incident Response

Subscribe

Related videos