Incident response teams are faced with an ever-increasing number of security incidents to respond to.
In these times of a global pandemic, Cybercriminals have been employing the tactic of sending phishing emails that appear to come from trusted brands (like CDC and WHO) and it has thus become mission-critical for security analysts to accelerate the elimination of false positives to get to the actual threats fast and eliminate them with comprehensive and accurate incident response procedures.
Two specialized playbook automations are now being shared for customers to support this cause and accelerate the incident triage stage for Security Analysts.
The repeat detection playbook offers a new approach to determine if incident response has been provided on an exact or similar phishing report in the past and enable Security Analysts to work the new report in a similar way.
The email domain spoof detection playbook helps alert analysts to the possibility of a look-alike domain in the phisher’s email address and gets the triage going.
In addition, the product experts will be holding a live webinar to introduce these playbooks:
- Wednesday June 17 at 8 am (16:00 London time).
- No registration needed, (just turn up 2 minutes early please): https://servicenow.zoom.us/j/96925281051
Update: the recording of the webinar, with Q&A is now available. See one of the comments below.
Introduction video (the full webinar is available further down the page).
Update: the recording of the webinar, with Q&A is now available. See one of the comments below.
Please make sure you subscribe to this page (top right of your screen) to receive further information (e.g. link to the webinar). Thank you.
