False positives can be overwhelming. With a finite number of hours in the day and a limited amount of resources, it’s a daily challenge to validate the vast number of alerts coming into the organization. One source of these alerts, EDR systems.
Advancements in EDR technology have improved detection rates over the past several years, which is a good thing! But increased detection rates do not come without their tradeoffs.
Our customers are seeing a high number of alerts coming in from their EDR system. “We’ll see files that our EDR says are malicious and should be blocked. But when we look at the surface information, they sometimes appear to be benign.”
This level of manual investigation for every alert coming in from an EDR system puts a strain on the security organization. In this webcast learn how to introduce an automated process to reduce the number of alerts coming in from your EDR system without having to sacrifice your detection rate.
Andrey Voitenko – VMRay