Data Security

The power of time in cybersecurity investigations

August 11, 2021
Today’s columnist, Brian Dye of Corelight, says security teams need to treat historical data as a first-class citizen in the SOC.[email protected];
  • Compact: Companies can’t keep quarters (or years) of data if they need petabytes of storage.
  • Richly detailed: The depth and insight that analysts need to drive effective investigations.
  • Judgment free: We need ground truth, not just a historical stockpile of alerts, as we will be looking for what we didn’t know about at the time.
prestitial ad