- This event has passed.
SANS – The SOC of the Future Is Data Driven
April 28 @ 10:30 am - 12:30 pm
As threat data continues to amass, security operations has to work harder and faster to keep up with the growing number of threats. To gain the advantage over adversaries, it is essential for security operations to narrow their focus and streamline threat detection and response efforts. In this product review webcast, SANS Analyst Dave Shackleford, and our own Principal Business Development Threat Intelligence Engineer Christian Galladora and Senior Product Manager Ed Young explores ThreatQ, the platform we designed to help teams process and refine data into intelligence, enabling them to focus on the indicators most relevant to their infrastructure and build a tactical response strategy.
Specifically, this webcast will cover the following key topics:
- Integrating internal and external data sources, whether structure or unstructured.
- Using the DataLinq Engine to deconstruct and merge data into multidimensional relationships, using a five-stage processing pipeline.
- Working with the ThreatQ Library to automatically score and prioritize threat intelligence.
- Building investigations, with ThreatQ Investigations, that include reporting, threat hunting, and tasking in real time.
- Sharing public and custom threat intelligence through the ThreatQ Data Exchange.