Automating Incident Response with CrowdStrike and Intezer скачать в хорошем качестве

Automating Incident Response with CrowdStrike and Intezer

Many SOC analysts spend much of their time manually triaging and prioritizing new incidents. Ideally, every alert gets attention and a deep investigation in order to determine its risk level and the suitable response. But this time-consuming, manual analysis means teams seldom have the time or resources for proactive hunting. In this recorded webinar, see how Intezer works with CrowdStrike to automate more of your processes for alert analysis, incident response, and threat hunting. 0:00 Intro with Shaul Holtzman (director of sales engineering @and Intezer) and Matan Matalon (information security manager @ Intezer) 4:22 How security operations are changing and resource shortages 6:28 Real-life examples of the challenges and alert fatigue for SOC teams 15:07 Issues with expensive outsourced SOC services/MDRs, surface-level investigations, and inconsistent service 19:00 Mapping out the process for autonomous detection and response 23:01 Using Intezer as your virtual, autonomous SOC 24:35 Reused code, techniques, or infrastructure: What makes Intezer's SOC automation different 28:33 Using automation to power analysis, correlation, and decision making 29:52 Demo: Digging into the details about how Intezer's integration works with CrowdStrike and the set up