Register for the on-demand webinar!
An incident responder’s most common task is alert triage, the process of investigation and escalation that ultimately results in the creation of security incidents. As crucial as this process is, remarkably little has been written about how to do it correctly and efficiently.
Join Sqrrl’s David J. Bianco as he presents a simple question-based framework for triaging alerts, and discusses how to make sure your incident investigation tools support your analysts’ workflows, rather than get in their way. To follow along, the standalone slides are available here.