Security teams hesitate to automate responses because many detection tools suffer from low signal-to-noise ratios.
Defenders can even go one step further, using IoCs gathered from the initial alert to identify other victims of the attack.
www.AmericanSecurityToday.com July 2019 - Edition 46
They cannot risk business disruption because of a false positive alert. By relying on tools with substantiated alerts, defenders can be more confident automating responses with less additional investigation time.
Many organizations are turning to Security Orchestration, Automation and Response (SOAR) platforms to maximize information sharing and response automation.
SOAR platforms are similar to
https://www.youtube.com/watch?v=aHpP-x7zhQg
(Briefly explore how deception technology is solving organizations’ threat detection challenges through the narrative of our wolf-in-sheep’s-clothing. Courtesy of Attivo Networks.)