Thursday, November 18, 2021
6:45 PM - 7:00 PM

How National Grid gains rich attacker insight from Threat Response alerts with their "Tanium MITRE Rule"

National Grid has been using Tanium Threat Response for a number of years. However, the number of false-positive alerts seen for some intel has at times caused "alert fatigue", which, at its worst, risks a delayed response to real alerts.

Additional Details:

Unique ID
C-E-SESSIONS88
Location
Asia Pacific
Pass Type
Converge, Converge + Labs, Converge (Fed/Public Sector), Converge + Labs (Fed/Public Sector)
Session Type
Breakout
Tanium Pillars
Control, Speed, Truth, Visibility
Session Track
Threat Hunting
Products & Solutions
Threat Response
Difficulty
Beginner, Beginner/Intermediate, Intermediate, Intermediate/Advanced, Advanced
Focus
Security, Administrator, Operations, Risk
Industry
Agriculture, Mining & Raw Materials; Construction; Education; Energy, Utilities & Waste; Entertainment; Facilities, Lodging & Resorts; Financial Services; Government - Federal; Government - Local; Healthcare & Life Sciences; Holding Companies & Conglomerates; Hospitals & Physicians Clinics; Insurance; Law Firms & Legal Services; Manufacturing, Construction & Wholesale Trade; Media & Internet; Media & Telecommunications; Non-Profit & Charitable Organizations; Other; Professional & Business Services; Real Estate; Retail & Hospitality; Software & Technology; Transportation Services