Session

SOAR with Postee: Automated Incident Response for Cloud Native Risks

Incident response teams are already drowning in alerts and may be missing critical vulnerabilities. Extending visibility and responsibility to cloud native environments compounds the challenge: teams must weed through huge volumes of alerts to determine which risks are the most urgent and how best to respond to incidents.

This session will cover how security teams can use the open source projects Tracee and Postee to better identify high-risk cloud native events, orchestrate responses through cloud native third-party integrations based on these high-fidelity insights, and execute playbooks for more automated and effective incident analysis and handling.

We will discuss how using Postee Actions to integrate detection of malware and container runtime attacks into playbooks can help teams respond to critical incidents more quickly and accurately through third-party integrations, rather than treating all alerts with the same degree of urgency.

Simar Singh

Open Source Engineer @ AQUA SECURITY
