Security Sensemaking: The Magical Number 7, Plus or Minus 2
Now Available On-Demand!
It is said the number of objects an average human can hold in working memory is 7 ± 2, yet the average IR analyst during triage is tracking and managing 30+ items to determine an incident's severity and risk. Why so many? Because our endpoint processes, tools, and methodologies have set us up to fail as human analysts by focusing on past and present activity without regard to potential future actions.
Join Michael A. Davis, CTO of CounterTack and author of "Hacking Exposed: Malware and Rootkits," to learn how to leverage endpoint data to make sense of software capabilities, the capabilities of code in memory, and even the attacker’s capabilities in order to better detect, analyze and PREDICT attacks before they occur.