DEF CON 26 PACKET HACKING VILLAGE - Gita Ziabari = How to Tune Automation to Avoid False Positives

hHmxZxJ-eEY/default.jpg

Every SOC is deluged by massive amounts of logs, suspect files, alerts and data that make it impossible to respond to everything. It is essential to deploy automation to accelerate response time, consistency, scalability and efficiency. This talk will cover techniques to design a reliable automated tool in security. We will discuss about techniques of tunning the automation to avoid false positives and the many struggles we have had in creating appropriate whitelists. We will walk through steps of creating an automated tool and the essential factors to be considered to avoid any false positive.

hHmxZxJ-eEY/default.jpg
DEF CON 26 PACKET HACKING VILLAGE - Gita Ziabari = How to Tune Automation to Avoid False Positives DEF CON 26 PACKET HACKING VILLAGE - Gita Ziabari = How to Tune Automation to Avoid False Positives Reviewed by Unknown on November 14, 2018 Rating: 5