Behind the Evidence Board

by Dan Lamorena
category Security Analysts

Security analysts are the front-line detectives in the search for malicious incidents. Unfortunately, that job has historically involved sitting in front of monitors and the drudgery of reviewing events and alerts that are more than likely irrelevant.

Expert systems and machine learning, or as we’re calling it, an XDR Engine, can eliminate much of the tier one monitoring and enable security analysts to focus on higher-level work. The Respond Analyst improves analyst productivity and job satisfaction by helping connect the dots between disparate artifacts and piece together the story of an attack.

Every good crime movie or television show features a messy evidence board that lets the show's writers educate the viewer on the main characters and quickly explain monotonous plot points, all while adding to the drama.

For the security analyst, it is also a way to eliminate the drudgery of console monitoring and get to the teeth of a fully and continuously scoped incident, with corroborating evidence shown on a single screen.

Watch the video - click here to see how we have changed the game for the security analyst.

 

The video, filmed in a studio in San Francisco, shows the evolution from older, manual techniques of police work (with a corresponding SF film-noir vibe) to the tools of the modern SOC. Here are some photos of the filming and a shout-out to our production team at GB Films.