This session will detail four different technical approaches to threat detection and provide actual real world examples that show the pro’s and con’s of each approach. Learn the value in different types of threat detection, what makes each special, whether or not the alerts and indicators are useful, and what the heck analytics actually are.
Just as important, if you actually get a notification, what do you do about it? And how do you respond? It turns out there are a lot of different options out there and not just snake oil (although there’s a lot of that as well which will be highlighted in this session). Understanding your ICS, your requirements, and how you intend to respond will determine how you do threat detection and the types of detection you should focus on.