#ProactiveSOC Virtual Event Series
On-Demand Workshop
Upscale Alert Management, Improve Visibility.
Security analysts and threat detection engineers face many challenges in the alert management process, among them massive volumes of alerts, false positives, and the difficulty of prioritization.
SIEM alert management requires close collaboration among cybersecurity teams and should be managed holistically, with end-to-end planning and execution. Ishak Celikkanat, SOC Consultant at Picus Security, shows how a threat-centric validation process based on attack simulation gives SOCs the in-depth adversarial context they need and lets them carry out their investigations with agility.
Topics covered in this session include:
- Validating Detection Rules against a Specific TTP
- Measuring Detection Rule Coverage against MITRE ATT&CK
- Fixing Detection Gaps with Verified Picus Detection Rules