Real-time Incident Remediation – 1E & SANS
Organizations are under constant attack leaving IT to investigate hundreds of incidents a day. If a breach or malware attack occurs, there are several steps taken before remediation can begin, causing potentially hundreds of thousands of endpoints to endure vulnerability before IT ops can respond the incident. It is important that security can investigate issues in organizational context as quickly as possible. It’s also crucial that operations have the right tools to respond to the incident cross-platform at scale within the organization. In addition, the resolution of the incident should become part of the organizational knowledge base so if the incident reoccurs, the resolution can be automated.
We will discuss:
- EDR Solution takes too long to respond. Talking to 200 hosts is fine, but talking to 20,000 hosts takes forever.
- EDR Solutions have blind spots on Linux clusters and some people are using Macs.
- Scale of product is very important to be able to roll this out.
- Software inventory is very important. We discuss 10 important factors.
- Andy SchmidSVP Product, 1E
- Jake WilliamsSenior Analyst, SANS
Fill in the form to watch the webinar
Cyber security is critical. One breach could destroy your organization’s reputation and cost millions of dollars. We take that threat seriously. 1E gives you unprecedented control and visibility over your entire IT estate, delivered at speed and at scale. 1 in 4 of the Top 100 companies by market capital are active 1E customers: we’re working towards a world of proactive cyber security, a world where CIOs and CISOs work together to ensure that no threat can bring down their systems.