Webinar Download: Case Management Workflow & Best Practices




Screen Shot 2019-10-25 at 3.44.35 PM
Triage with confidence:
trustar & Servicenow workflow demo

When investigating and responding to alerts, security analysts need maximum context to make an informed decision on next steps as quickly as possible.

Much of that context comes from existing internal knowledge from past intelligence reports, cases or incidents or from external enrichment such as OSINT, community sharing, or commercial intelligence reporting.

In this training demo, TruSTAR Intelligence Architect Doug Helton will demonstrate case management workflow best practices through TruSTAR's ServiceNow integrations.

Learn how to:

  • Identify recurrent and related events based on correlations with historical case management ticket and SIEM data.
  • Accelerate investigation triage with context from curated source scores.
  • Redact and share reports with your internal team and external sharing communities.

This live training webinar took place on: Wednesday, October 23, 2019.



More Workflow Training Sessions:


Splunk ES Workflow Training

Stop drinking from the SIEM alert firehose. Respond to alerts faster by learning best practices on how to prioritize based on context and severity. Get the first look at TruSTAR's new Splunk ES integration.

Register Now


Training: Everything You Need to Know About Phishing Triage 

Phishing emails are time-consuming to triage. Learn how to create a phishing repository using TruSTAR's email ingest feature to help your team more easily correlate known-bad entities.