Find Threats Before They Find You: Threat Investigation with DomainTools
Tuesday, November, 17th, 2020
In the SOC, defenders are often true to their name—playing defense to manage detections, assess risk, and protect the network from an ever-evolving barrage of threats. However, attacks don’t start with alerts—they start with the infrastructure that attackers set up to deliver the attack.
Learn how you can use real-world attacks to
• Create repeatable processes for assessing indicator risk to support faster triage and more effective threat escalation,
• Rapidly investigate threat actor infrastructure to identify patterns and TTPs, and
• Create profiles that you can use to hunt externally for threats relevant to your organization—moving left in attack detection by finding threats before they find you
Jackie Abrams focuses on solving big-picture threat intelligence challenges through industry collaboration and innovative solution design.