Avoiding Security Monitoring Alert Fatigue: When Do You Escalate to Your Client? – CFH #26
MSSP SOC analysts are often barraged with security alerts that pop up as anomalous activity is detected on clients' networks. Not all of these notifications are worth reporting and acting upon, but it takes only one overlooked incident to result in a full-fledged attack on the customer. This segment will look at the perennially challenging question of when it's the right time to let your clients know that something may be amiss, without inundating them with unnecessary reports. Also, we'll examine how automation can help reduce the burden on strained SOC analysts.
Hosts
Bill Brenner
Senior Vice President, Audience Content Strategy at CyberRisk Alliance