DEF CON 26 PACKET HACKING VILLAGE — Gita Ziabari = How to Tune Automation to Avoid False Positives

Дата: 15.11.2018. Автор: CISO CLUB. Категории: Подкасты и видео по информационной безопасности

Every SOC is deluged by massive amounts of logs, suspect files, alerts and data that make it impossible to respond to everything. It is essential to deploy automation to accelerate response time, consistency, scalability and efficiency. This talk will cover techniques to design a reliable automated tool in security. We will discuss about techniques of tunning the automation to avoid false positives and the many struggles we have had in creating appropriate whitelists. We will walk through steps of creating an automated tool and the essential factors to be considered to avoid any false positive.

CISO CLUB

Об авторе CISO CLUB

Редакция портала cisoclub.ru. Добавляйте ваш материал на сайт в разделе "Разместить публикацию".
Читать все записи автора CISO CLUB

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *