by Datadog
In this talk, Matt and Peter will explore how to use mathematics and simulation to optimize the workflow in a security operations center (SOC). Using data and experience from the SOC at Expel, they will use statistics and Monte-Carlo simulation to explore various optimizations including introducing alert severities, tiering analysts, and reducing investigation and incident response time. For each case they will simulate the impact on a SOC and its performance. The source for each example will be provided, so attendees can follow along. Attendees will leave with a better understanding of SOC workflow optimization, and how to use tools to simulate optimization alternatives in their organization.