Woodrow Brown

Director, Partner Research and Strategy

Woodrow Brown has over a decade of leadership, service delivery and research experience. As director of partner research and strategy at Optiv, Brown's team provides objective analysis of cyber security products, enabling our clients to make informed decisions for technology selection. Cutting through industry spin, Brown delivers research that provides an accessible understanding of how security technologies function.


We Want Robots to Do (Part of) Our Job

· By Woodrow Brown ·

The job of an information security analyst today is rife with repetitive, sometimes mundane tasks that are performed based on the analyst’s best practices. The operations team as a whole doesn’t have it much better. Over the course of budget cycles, organizations have acquired new tools, new solutions and new platforms. Many are fully functional, some haven’t yet been deployed and very few are integrated with the rest of the security infrastructure.

Continue reading

Transforming Logs and Alerts into Actionable Intelligence with UEBA Functionality

· By Jacob Bolm, Woodrow Brown ·

For information security practitioners, the stored value in security data can reduce both costs and risk. The progression of the treatment of log data is a testament to the recognition of this value. Computer logging facilities began as a first-in-first-out (FIFO) rolling buffer with a finite capacity. Organizations then moved to log management programs where log data was aggregated and stored. Next, Security Information and Event Management (SIEM) systems were put in place. Today, User and Entity Behavior Analytics (UEBA) solutions are at the forefront of unlocking the value of data and a growing number of companies are turning to UEBA to help solve their security challenges.

Continue reading

Can Your Organization Accept the Risk of Being First?

· By Woodrow Brown ·

Optiv recently completed our 2017 endpoint security solution evaluation. For this year’s review, we constructed several use cases that would model threats to enterprise user workstations. The attack scenarios began with exploiting well-known vulnerabilities, such as CVE-2015-0313, and escalated to assumed targeted phishing attacks using custom binaries.

Continue reading
(3 Results)