Thu, Dec 08|
VMRay Breakout Session - CISO XC 3
The Real “F-Word”: Understanding the Source of False Positives & How to Ease the Pain
Time & Location
Dec 08, 2022, 1:50 PM – 2:20 PM
Breakout Room, 400 W Las Colinas Blvd., Irving, TX 75039, USA
About the event
False positives can be overwhelming. With a finite number of hours in the day and limited resources, it’s a daily challenge to validate the vast number of alerts coming into an organization.
Detection rates have improved over the past several years, which is a good thing! But increased detection rates do not come without their tradeoffs.
Prior to using VMRay, our customers saw a high number of alerts coming in from multiple sources. For example, one customer said, “We’ll see files that our EDR says are malicious and should be blocked. But when we look at the surface information, they sometimes appear to be benign.”
This level of manual investigation for every alert puts a strain on the security organization. In this breakout session, learn how to introduce an automated process to reduce the overhead from alerts coming in from your security stack without sacrificing your detection rate.
In this breakout session, you’ll learn:
• The monetary impact of false positives
• Why you might be experiencing many false positives and why it matters
• Why behavioral insights are important
• The best solutions to increase your security teams’ efficiency while improving efficacy