_Val_
Incident response and threat hunting have a lot in common: they are typically components of a mature cyber program, they require access to high-fidelity threat intelligence data, and they provide significant value in terms of cyber risk reduction. The difference? With incident response, the team knows that a cyber incident has taken place. With threat hunting, the team hypothesizes that an incident has taken place, but they are not certain.
In this session, Leo Sojref, Solution Architect for External Risk Management at Check Point, will discuss how Incident Response professionals and Threat Hunters can improve their workflows and processes with CTI. Operationalizing threat intelligence as part of DFIR cases helps clearly define the scope of an incident, know which assets were affected, and accelerate mean time to recovery. Similarly, operationalizing threat intel helps Threat Hunters develop a realistic hypothesis, streamline hunting activities and log analysis, and uncover previously undetected threats.
Join us at 10am EST / 4pm CET on Wed, July 16th for this 2nd session in a three-part series on Operationalizing Threat Intelligence.
