How National Grid gains rich attacker insight from Threat Response alerts with their "Tanium MITRE Rule"

National Grid has been using Tanium Threat Response for a number of years. However, the number of false-positive alerts seen for some intel has sometimes caused "alert fatigue", which, at its worst, risks a delayed response to real alerts.

Runtime: 10min

Speakers:

Frank Furlo - National Grid
Scott McCarthy - National Grid USA Service Company

Additional Details:

Session Type: 

Products & Solutions: Threat Response

Difficulty: Beginner, Beginner-Intermediate, Intermediate, Intermediate-Advanced, Advanced

Focus: Tanium Platform, Endpoint Management, Risk & Security, Microsoft & ServiceNow Integrations