As a security professional, you’re likely using SIEM to aggregate and correlate syslog data from your security tools to identify and prioritize events. The challenge we consistently hear is that while SIEM does a great job at identifying problems, it lacks the actionable data needed to know what to do next. This session will discuss how network traffic analysis (NTA) complements your SIEM to provide multi-dimensional data for efficient incident response.
In this session, we will:
- Identify critical gaps in the SIEM data needed for an effective incident response process
- Contrast single-dimensional and multi-dimensional telemetry
- Demonstrate integration value between SIEM and NTA
- Review specific incident response use cases