Christian Have
Improving Threat Detection Accuracy: Leveraging Probability to Reduce False Positives
This track tackles the challenge of false positives in early-stage attack detection within organizations. Traditional SIEM alerting often produces a high rate of false positives, which poses significant challenges for analysts. We'll explore how context-driven threat detection, powered by probability scoring, can enhance detection accuracy by consolidating relevant observations into actionable incidents. Instead of using the SIEM to write atomic alerts to detect threats, we discuss methods that use algorithms to fuse relevant observations and produce high-value, high-fidelity alerts. By alerting on incidents in combination, analysts can detect attacks early in the kill chain while eliminating false positives.
Date & Time
Wednesday, May 1, 2024, 9:45 AM - 10:15 AM
Theater 1
