So Many Tools So Little Time: Optimizing Threat Intelligence Effectiveness for SOC Teams
A SOC’s Success Depends Upon the Integration of Tools and a Swift Assessment of Threat Information
The events of 2020 have forced security teams to address the challenges of securing a dramatically larger work-from-home (WFH) workforce. This same group of unsure WFH employees faces rapid growth in attacks targeting remote access and collaboration systems and is being targeted with sophisticated phishing attacks. All this comes while the security operations team itself has to maintain productivity in a distributed, WFH environment.
There is no single piece of technology that solves these problems. Security Operations Center (SOC) teams are reacting to this new normal with many tools to address the increased demands and time challenges. Accurate and timely threat information can act as a key “force multiplier” for security teams with limited staff, but the reality is that almost all organizations will use multiple tools from multiple sources. The key to effective use is the ability to integrate and assess the threat information rapidly to take timely action before the business or the customer is impacted.
In this webinar, Scott Dowsett, VP of Worldwide Sales Engineering at Anomali, and John Pescatore, Director of Emerging Security Trends at SANS, discuss the following topics:
- Collecting threat intel from your existing tools
- Identifying threat intel in the wild
- Leveraging OSINT tools
- Introduction of the Anomali Lens browser plugin