The security market is full of solutions to support threat detection and response: EDR, NDR, SIEM, XDR, SOAR, you name it. But just deploying tools is not enough to get results. Organizations must ensure they have the appropriate coverage of threats and technologies to detect and respond to incidents and minimize impact. This session introduces the coverage concept and how it affects the performance of threat detection and response, as well as bringing some important lessons learned from real-world deployments.
At the end of this session participants will be able to understand what coverage is in relation to threat detection and response practices.
At the end of this session participants will be able to apply the MITRE ATT&CK framework to map and expand the threat coverage of their threat detection and response practices.
At the end of this session participants will be able to comprehend what parts of their technology environment must be covered by their threat detection and response practices.