Firewall Intervention for Threat Response
Thursday, January 21st, 2010

If you have a Security Information/Event Manager (SIEM) product monitoring your network, you probably see numerous events affecting it. When an unexpected and potentially dangerous event is detected, you will need to take action to block the incident and prevent it from happening again. Diagnosing what really went wrong, identifying what else is at risk, and determining the appropriate response can be difficult and time-consuming. We have published a new whitepaper called Firewall Intervention for Threat Response that discusses how you can use the query and policy comparison facilities in Athena FirePAC to analyze the information provided by the SIEM product, identify appropriate rule changes to remediate the incident, and verify that the remedy implemented actually works without creating unintended side effects on the network.











