- Endpoint Detection and Response (EDR) Tool Architecture and Operations Practices – June 12th, 10:30AM
Increased complexity and frequency of attacks elevate the need for enterprise-scale incident response, broad investigations and endpoint threat detection that goes beyond malware. This presentation will cover how endpoint detection and response tools help organizations speedily investigate security incidents and detect malicious activities and behaviors. Key points covered in this session include the following: • What are the top EDR use cases? • How to use EDR for threat detection. • What security processes are helped by EDR?
- Applying Deception for Threat Detection and Response – June 14th, 9:45AM
Deception is emerging as a viable option to improve threat detection and response capabilities. This presentation focuses on using deception as a “low-friction” method to detect lateral threat movement, and as an alternative or a complement to other detection technologies. This session will cover the following: • Should your organization utilize threat deception? • What tools and techniques are available for threat deception? • How to use deception to improve your current threat detection effectiveness. • How to customize and tune the deception controls. • What are the emerging operational practices around deception?
I also have a workshop and a roundtable together with Anton (who will be speaking about UEBA and SOC):
- Workshop: Developing, Implementing and Optimizing Security Monitoring Use Cases – June 12th, 2:45PM
This workshop will, through peer collaboration, focus on developing, implementing and optimizing security monitoring use cases. The participants will be guided through the Gartner framework to identify and refine their requirements to produce their own security monitoring use cases based on their current challenges and priorities.
- Roundtable: Lessons Learned From Security Analytics Adventures – June 14th, 2:45PM
Many organizations have been venturing beyond SIEM and applying advanced analytics techniques and approaches to security. This roundtable is an opportunity for organizations with security analytics initiatives to share their findings and expose their current challenges on how to make it effective.
If you’re planning to attend any of these sessions, please drop and say ‘hi’. Always nice to meet the readers of the blog 🙂
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.