Deepen your understanding of Lessons Learned from Building a Global Threat Detection Program conversation in a smaller group roundtable discussion and Q&A with the presenter directly following the first session. This follow-on session will be a discussion-based deeper dive on the content that’s just been presented—no new slides will be presented. Attendance is strictly limited to allow for a highly interactive small group experience.

Learning Objectives:
1: Learn the phases of the detection content development lifecycle.
2: Learn to set up processes to allow the program to be self-sustaining.
3: Learn to measure the efficacy of your detection content and act on it.

Awareness of security models such as the ATT&CK framework and Cyber Kill Chain. Interest or experience building processes associated with security operations. Understanding of building and refining detection content such as signatures and SIEM correlations will also be valuable.

Please note this session is a continuation of the discussion from the session Lessons Learned from Building a Global Threat Detection Program . To get the most value out of this Ask the Experts session, please be sure to also enroll and attend the prequel session.