8:45 AM - 9:30 AM (PDT)
"How did I miss that?" - Why SOC Analysts Might Overlook Evidence in a Threat Investigation
Threat investigation can be a tiring task, but at the same time, it has significant impact on the organization. This is often reflected in the burnout rate of threat analysts in the SOC. The complexity of modern attacks also makes it likely that SOC analysts will miss details that are critical to their investigations. In this session, I'll help you understand:
- Why does this happen?
- What technical steps can you take to reduce the likelihood of it happening?
- What role does burnout and stress play in the equation?