In the Gartner research report “Applying Network-Centric Approaches for Threat Detection and Response” published March 18, 2019 (ID: G00373460), Augusto Barros, Anton Chuvakin, and Anna Belak introduced the concept of the SOC Visibility Triad.
We often receive questions about our decision to anchor network visibility to network metadata as well as how we choose and design the algorithmic models to further enrich it for data lakes and even SIEMs.The story of Goldilocks and the Three Bears offers a pretty good analogy as she stumbles across a cabin in the woods in search of creature comforts that strike her as being
As the threat landscape evolves, the Vectra team sees budgets used to double down on larger security teams and expand perimeter defenses. It stems from an effort to increase threat detections and accelerate triage.
Unfortunately, this is a false premise.