Taking Your Detection Program to the Next Level | SANS Cyber Defense Forum 2020

Channel:
United States SANS Cyber Defense
Subscribers:
23,600
Published on ● Video Link: https://www.youtube.com/watch?v=RaJV1RSXdCE


Duration: 22:18
1,193 views
33

We’ve gotten really good at collecting piles of data. Our customers send us plenty of it and they think every event from every device is being monitored. Are they? Our customers are harnessing an exploding set of cloud and non traditional IT. Past approaches of “slap a sensor on it and call it good” are no longer sufficient. We need to more carefully measure our monitoring coverage, make better use of the data we collect, and ensure our detection program is healthy. In this presentation, Carson will describe the five essential elements of a successful SOC monitoring and detection program: planning, customer engagement, leveraging commodity capability, custom detection creation, and measuring detection effectiveness.

Speaker: Carson Zimmerman, Senior Security Services Engineering Lead, Microsoft

View upcoming Summits: http://www.sans.org/u/DuS
Download the presentation slides (SANS account required) at http://www.sans.org/u/195g



Other Videos By SANS Cyber Defense


2021-01-13All About OSINT: Looking Forward, Looking Back
2020-12-12Building the Better Playbook: Techniques to Improve Repeatability | SANS Cyber Defense Forum 2020
2020-12-11Ask Us (Almost) Anything About Cyber Defense | SANS Cyber Defense Forum 2020
2020-12-10Resource Smart Detection with YARA and osquery
2020-12-09Automating Threat Hunting on the Dark Web and other nitty-gritty things | SANS Cyber Defense Forum
2020-12-07Ransomware Defense and Response: Minimizing Risk of an Increasing Threat | SANS Cyber Defense Forum
2020-12-06Resolve Security Alerts with Adaptive Intelligence and Guided Response | SANS Cyber Defense Forum
2020-12-05And Then There Were None (More False Positives): Writing Better EDR Detections | Cyber Defense Forum
2020-12-03XDR - The Hidden Pitfalls of Evaluation and Deployment | SANS Cyber Defense Forum 2020
2020-12-01Metrics on Steroids: Improving SOC Maturity using the SOC-CMM | SANS Cyber Defense Forum 2020
2020-12-01Taking Your Detection Program to the Next Level | SANS Cyber Defense Forum 2020
2020-11-29Analysis 101 for Incident Responders | SANS Cyber Defense Forum 2020
2020-11-28Hiding in the clouds: How attackers can use applications for sustained persistence & how to find it
2020-11-27Asking Questions and Writing Effectively | SANS Cyber Defense Forum 2020
2020-11-25New Tools for your Threat Hunting Toolbox | SANS Cyber Defense Forum 2020
2020-11-16Full Packet Capturing with TShark for Continuous Monitoring & Threat Intel via IP, Domains, & URLS
2020-09-14PowerShell 2020: State of the Art / Hack / Infection
2020-07-30Social Engineering Your Way to Success | Justin Henderson & Ismael Valenzuela
2020-07-22Extending Your Home Lab to include Cloud
2020-07-17Danger Stewards – Measuring Risk and Predicting the Future for Fun and Profit
2020-07-17Network Compromise for the Technically Challenged (Dummies)


Tags:
threat detection program
threat detection
sans institute
carson zimmerman
cyber defense forum
sans cyber defense forum
cyber defense
cyber defender
soc
security operation center
soc monitoring
soc monitoring & detection
soc detection
soc monitoring & detection program