by Datadog

Solution Stage

Modernizing Security Detection in Cloud SIEM with Real-Time and Historical Engines

Identifying and hunting advanced threats in complex environments can be resource-intensive, time-consuming, and costly, but it is essential for improving automated security detections. When new threats arise, security engineers often spend hours, days, and sometimes even weeks developing new detections. However, new and untested detection rules can overwhelm teams, causing accidental alert storms and an unmanageable number of false positives. To detect emerging threats and keep up with evolving attackers and their techniques, security teams need a modern detection engine that lets them proactively hunt for anomalies and malicious activity both in real time and across historical data.

In this session, we'll cover:

- Proactive threat hunting techniques to identify ongoing compromises and surface latent risks that demand urgent action.
- Practical steps to adopt "detection-as-code" methodologies, ensuring rigorous testing of detection rules on historical logs before they reach production. This approach improves accuracy, mitigates alert storms, and minimizes the impact of false positives in production environments.