By Joshua Goldfarb, Chief Product Officer – IDRRA
& Matt Cauthorn, VP Security – ExtraHop Networks
Flipping The Alert Funnel and Inverting The Investigation Workflow
To gain greater visibility, eliminate alert fatigue, and reduce dwell time of threats in the network, security programs need a new approach to gathering data and conducting investigations.
In this white paper, we propose a new, inverted workflow that focuses on monitoring and protecting critical assets first, and conducting analytics much sooner in the process to drive down dwell time and prevent attackers from harming the business.