Top 7 Best and Worst Ways to Avoid Alert Fatigue

Webinar Registration

So many alerts, and most are false positives. Alert fatigue is real and it’s dangerous. It's dangerous because you will suffer attrition of highly skilled SOC analysts if they are unhappy. Yet the immediate risk is the fear that the SOC team will miss “the big one.” A good SOC analyst is happy when they are hunting – not just monitoring consoles. Surveys indicate that staff have to monitor more and more consoles and are increasingly ignoring alerts.

So, in this real training for free event, we will share research into how to deal with this problem and introduce a unique kind of technology designed to take the grunt work out of alert analysis.

  1. High fidelity escalations
  2. Data stitching
  3. Context
  4. Automation
  5. Normalized event stream
  6. Dynamic baselines
  7. Feedback loop

We will also discuss a few oft-repeated suggestions for dealing with alert fatigue that I believe are a bad idea. One of them I hear all the time is “focus on high-value assets.” That approach may make sense for preventative controls – but I’ll explain why I don’t agree with it for detection controls.

Then our sponsor, Respond Software, will show you something I find exciting: an “integrated reasoning engine” that sits above the SIEM, UEBA, SOAR stack to triage alerts for you robotically so that you focus on the real risks – which is the fun part.

Please join us for this interesting real training for free session.
