Thursday, November 18, 2021
9:45 AM - 10:00 AM

How National Grid gains rich attacker insight from Threat Response alerts with their "Tanium MITRE Rule"

National Grid has been using Tanium Threat Response for a number of years. However, the number of false-positive alerts seen for some intel has sometimes caused "alert fatigue", which, at its worst, risks a delayed response to real alerts.

Additional Details:

Unique ID
C-E-SESSIONS87
Location
North America/Canada, LATAM
Pass Type
Converge, Converge + Labs, Converge (Fed/Public Sector), Converge + Labs (Fed/Public Sector)
Session Type
Breakout
Tanium Pillars
Control, Speed, Truth, Visibility
Session Track
Threat Hunting
Products & Solutions
Threat Response
Difficulty
Beginner, Beginner/Intermediate, Intermediate, Intermediate/Advanced, Advanced
Focus
Security, Administrator, Operations, Risk
Industry
Agriculture, Mining & Raw Materials; Construction; Education; Energy, Utilities & Waste; Entertainment; Facilities, Lodging & Resorts; Financial Services; Government - Federal; Government - Local; Healthcare & Life Sciences; Holding Companies & Conglomerates; Hospitals & Physicians Clinics; Insurance; Law Firms & Legal Services; Manufacturing, Construction & Wholesale Trade; Media & Internet; Media & Telecommunications; Non-Profit & Charitable Organizations; Other; Professional & Business Services; Real Estate; Retail & Hospitality; Software & Technology; Transportation Services