Better Incident Response with SCOT
Journal Article · Sandia journal manuscript; Not yet accepted for publication
OSTI ID:1427255
- Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
SCOT is an incident response management system and knowledge base designed for incident responders by incident responders. SCOT increases the effectiveness of the team without adding undue burdens. Focused on reducing the friction between analysts and their tools, SCOT enables analysts to document and share their research and response efforts in near real time. By automatically identifying and correlating indicators, SCOT helps analysts discover and respond to advanced threats.
- Research Organization: Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States)
- Sponsoring Organization: USDOE National Nuclear Security Administration (NNSA)
- DOE Contract Number: AC04-94AL85000
- OSTI ID: 1427255
- Report Number(s): SAND--2015-2674J; 581998
- Journal Information: Journal Name: Sandia journal manuscript; Not yet accepted for publication; ISSN 9999-0014
- Publisher: Sandia
- Country of Publication: United States
- Language: English