On-Demand Webinar

Enterprise SOC collaboration is a MUST!

Collaboration

Detection Strategies

Enterprises tend to work in silos. That's because security groups are guarded about their data and their methods, for good reason. However, to significantly improve our detection (and hence mitigation) game, we need to know more about attacks & breaches. Collaborating with peers in the industry will help us understand trending attacks, obtain detection & mitigation plans that actually work, get access to best practices, and exchange actual code to implement in our SIEMs (or other run-time environments). Such collaboration has to be secure, selective, and result in the exchange of implementable instructions, preferably code.

The best collaboration that has happened thus far in security operations has been the ISAC. However, participants will agree that it has degenerated into a mailing list of noisy IOCs sent to 1000s of recipients with no clear instructions on how to detect & mitigate. This is not materially useful.

The level of enterprise SOC collaboration must evolve significantly to contain implementation-ready instructions and code, with enriching analytics to provide context and guidance, and must be easy to use with targeted sharing amongst trusted groups. The most common questions we get from CISOs who are willing to share detection logic are:

  1. What are we sharing?
  2. With whom are we sharing?
  3. How are we sharing?

The platform that provides simple, usable and elegant answers (and actually implements them!) will win.

February 11, 2020
