
IDG Contributor Network: How can SOC analysts hunt more efficiently? By not hunting

April 12, 2018

Via: CSO

If you ask a Security Operations Center (SOC) analyst, “What’s your biggest challenge when hunting threats?”, the majority will give a response like this: “We have a lot of disparate tools whose output we need to correlate to tell actual threats from false positives and noise.”

The problem has plagued SOC analysts for years and is only getting worse as data keeps proliferating and stealing it keeps getting more lucrative. Buried in alerts, SOC analysts scramble to decipher manually which ones need immediate attention. Oftentimes, they end up wasting time on lower-priority alerts while the more critical ones slip by.
