Threat feeds are a powerful way to identify attacks that use known infrastructure and malware. Unfortunately, teams can spend a lot of time chasing down alarms triggered by IP addresses that appear on a threat feed. So how can teams choose which addresses warrant deeper investigation?
In this on-demand webcast, you will learn how to effectively use threat feed metadata and evaluate different types of Indicators of Compromise (IoCs) to accelerate investigation of threat data alarms.
Ultimate Security Windows Host Randy Franklin Smith and LogRhythm Sales Engineer Nicholas Ritter will explain the fundamentals of evaluating threat feed metadata and the growing trend of Threat Intelligence Platforms (TIP).
Ritter will also show you how to make the most of threat intelligence data when you combine it with a Security Information & Event Management (SIEM) solution, like LogRhythm’s NextGen SIEM Platform. In this webcast, you’ll learn:
- How to make threat intelligence feeds useful in various stages of threat hunting and response
- Common challenges and what to consider when working with threat feed data
- How to use TIPs to help aggregate and curate threat intelligence data
- Real-world examples and best practices from the field to help you effectively leverage threat intelligence feeds
Watch the on-demand webinar now to learn how to improve your threat hunting accuracy with threat feed metadata.