Threat hunting and incident response are core competencies that every security operations center needs to develop as it increases its security maturity. Actually developing those skills while dealing with a historic shortage of trained staff and increasingly sophisticated adversaries is not easy.
In this ISC2 Security Briefing On Demand session, Matt Cauthorn, ExtraHop VP of Security, offers practical advice on overcoming the obstacles to improving your threat hunting and IR practices, and explains how a new way of thinking about network traffic analysis can provide the core data to make a truly proactive SOC achievable.
In this session, you'll learn:
- The biggest obstacles to successful threat hunting and IR.
- The Data Value Equation, a new way of thinking about how you use, share, and analyze your data to get maximum impact across your whole organization, including security operations and IT operations teams.
- Six critical capabilities for every proactive SOC, and how network traffic analysis can power all of them.
- And more practical tips for the proactive SOC.
CISSP certificate holders can earn one CPE credit by viewing this session.