A use case describes a relevant scenario of compromise and potential method(s) of detecting the offensive activity. In this session, Chris Crowley, Senior Instructor at the SANS Institute, and Volkan Ertürk, CTO of Picus Security will decompose a sophisticated attack campaign and discuss some innovative approaches that could empower SOC Analysts in proactively building security use cases against such adversarial attempts.
Key discussion topics include:
Unburdening SOC employees of the threat intelligence, detection, and playbooks related workload
Achieving business relevance and prioritization in SOC activities
Best practices and options for empowering existing SOC technologies