Triage: Introduction


We will build on previous videos, such as the SOC: Orienting An Analyst series, and discuss our analytical conclusions in real time while using Gravwell to facilitate our investigation.

In this video series, we are going to walk through a typical Security Analyst workflow: triage. We will use multiple data sources and straightforward queries to demonstrate how Gravwell can fit right into the investigations necessary for a Security Analyst to understand the scope of a potential intrusion.

Data Sources