Supercharge Incident Response with Data Your Network Team Already Collects

Presented by

Matt Bromiley, SANS author & Bob Hansmann, Infoblox cybersecurity expert

About this talk

Year after year, surveys show the same thing: threat investigation and incident response take too long. More specifically, security and risk leaders report that the average threat investigation takes over half a day while infection dwell times are still measured in weeks and months. Yet SANS experts suggest that the most critical incident response steps of identification and containment provide an opportunity for your defenders to gain back the advantage. Part of the challenge is that today’s enterprise infrastructures are nothing like they’ve been even in the recent past: hybrid environments, multi-cloud, mixed vendors, worldwide assets, mobile/remote workforces, microservices, and more. All these changes mean your approach must change, too. Instead of relying on external data points, there are ways of intelligently blending network data you already collect with accurate threat intelligence to accelerate your threat investigation and response capabilities. Join SANS author Matt Bromiley and Infoblox cybersecurity expert Bob Hansmann to learn how to enhance and supercharge your incident response process with concepts and ideas you can implement right away.
Related topics:

More from this channel

Upcoming talks (4)
On-demand talks (213)
Subscribers (26054)
Infoblox unites networking and security to deliver unmatched performance and protection. Trusted by Fortune 100 companies and emerging innovators, we provide real-time visibility and control over who and what connects to your network, so your organization runs faster and stops threats earlier.