Incident Response & Threat Intelligence
E6: Visibility is not Just a Buzz Word
Friday, June 9, 2023 10:45 AM - 11:45 AM
Room 503/504
Description
| To an analyst running an incident response investigation, it quickly becomes apparent that good visibility into a network not only helps strategize proper response, but can reduce the risk and impact of an attack in the first place. Proper visibility into ones IT helps a security team to identify attacks quickly, limit the organizational risk exposure, and reduce the time it takes to investigate and remediate an incident. Will Gadzinski and Eric Wedin, two Digital Forensics and Incident Response (DFIR) Consultants, will provide insight into the methodology and techniques they use to gain that critical level of visibility during an incident investigation. Their experience in incident response includes stories of large IR events when a client employed advanced network visibility tools and those that didn’t, and they will lean on their experiences to explain the investigation methodologies that they employ when they need to figure out “what is happening” in every type of environment. |
Learner Objectives
| After this session learner will : -Have insight into the methodology and techniques Will and Eric use to gain the critical level of visibility during an incident investigation -Learn why visibility into ones IT helps a security team to identify attacks quickly, limit the organizational risk exposure, and reduce the time it takes to investigate and remediate an incident -Hear stories of large IR events when a client employed advanced network visibility tools and those that didn’t |