Shifting Up DFIR from XDR to the Cloud

Presented by

Amanda Berlin, Lead Incident Detection Engineer, Blumira + Josh Lemon, Managed Detection & Response Director, Uptycs

About this talk

How do digital forensics and investigations differ from traditional XDR to cloud? What techniques can we translate into DFIR for AWS and Kubernetes incident response? Join experts Amanda Berlin, Lead Incident Detection Engineer at Blumira, and Josh Lemon, Director of Uptycs’ global managed detection and response team, to learn how to manage your detection alerts and unify investigation efforts.

Together, we will break down the patterns around common cloud-based attacks like Cryptominer and Credential Abuse and share techniques to prioritize alerts for faster response times. While investigating security incidents, challenges arise when dealing with siloed tooling and disparate data sources across your environment. Learn how Amanda and Josh have worked to break down those silos and shift up to end-to-end investigations across XDR and cloud environments.

You Will Learn How To:

- Prioritize alerts and unify response efforts across traditional and cloud-based assets.
- Understand easy wins around cloud detections and break down the core challenges around incident response in the cloud.
- Differentiate DFIR, mean time to detection, and mean time to remediation with and without using a sensor to collect data.