SIEM to SOC: Bridging the Chasm
Have you recently identified a need to introduce a SIEM into your company due to a large quantity of events across your estate?
Looking for unusual activities, anomalies & indicators of compromise is your top priority, but how do you stop alert fatigue? Too many alerts (false positives) may lead to missing an important activity, so your goal is to reduce the noise from your SIEM.
Despite what vendors tell you, the SIEM will not alert you to crucial indicators without you investing a lot of time and effort.
Join us and CREST on Tuesday 24th May at 9am as we discuss the process you need to follow to set up your SIEM correctly so that it provides you with ROI, and look at the difference between a SIEM and a SOC. Have your questions ready, as we will also have a live Q&A at the end of the webinar.
Throughout the webinar we will be focussing on:
- Identifying which log sources you need to ingest
- Knowing your estate
- What threats to look out for and what actions you need to put in place
- Data Enrichment
- Documented Processes for incident
- Continuous Optimisation
- Threat Hunting
- People, Process and Technology