More Data Makes the Behavioral Analysis More Accurate
- SOC leaders should look beyond just log data for anomalies. Threat insights can be found in data can comes from many sources, and it is not always structured.
- The ultimate goal is being able to respond quickly to detected threats, because having all the insight does you no good if you cannot act on it.
“Our advanced endpoint solution has the ability to automatically quarantine or remove an endpoint from the network if we so choose.”
For Lester Godsey, chief information security officer (CISO) of the City of Mesa, a key consideration when executing a security strategy is the business context of the infrastructure and data you are defending. For instance, some organizations have fast-changing environments that support high volumes of transactional activity. Other environments are less dynamic and may not expose business-critical or sensitive data. These differences impact everything from the resources you use to secure your assets to how you analyze threats.