How National Grid gains rich attacker insight from Threat Response alerts with their "Tanium MITRE Rule"
National Grid has been using Tanium Threat Response for a number of years. However, the number of false-positive alerts seen for some intel has sometimes caused "alert fatigue", which, at its worst, risks a delayed response to real alerts.
Speakers:
Frank Furlo - National Grid
Scott McCarthy - National Grid USA Service Company
Additional Details:
Session Type:
Products & Solutions: Threat Response
Difficulty: Beginner, Beginner-Intermediate, Intermediate, Intermediate-Advanced, Advanced
Focus: Tanium Platform, Endpoint Management, Risk & Security, Microsoft & ServiceNow Integrations