Would you automatically block a link to SharePoint found in a phishing email directing your users to log into download a document? Then why let automation make your critical incident response decisions for you? Your highly skilled (and well paid) SOC analysts need to know what to do—not them burn out quickly spending most of their day with eyes on glass. This session will look at why it’s better to let your analysts offer the full range of their human skill and intel.
Learning Objectives: 1: Understand the value of human input to the incident response process. 2: Learn how to improve your IR process by the use-cases-related phishing defense. 3: Find out how to integrated additional steps to reduce the noise in SOC automation
Pre-Requisites: Attendee should have a basic understanding of the SOC incident response processes. This session is scoped for attendees in charge of running SOC teams or building out automation to their processes.