Passive Detection Doesn’t Work: Non-Reactive Approaches To Incident Response

Logo
Presented by

Devon Kerr, Incident Response Manager, Professional Services, Mandiant

About this talk

Intrusion investigations are a response to the detection of a threat in the environment. Organizations are investing heavily in technology, training, and personnel who can quickly detect and respond to threats after they’ve gained some amount of access to their environments. It’s this process that leads to containment and gives businesses back control. Companies are getting better at detecting threats as a result, but actors may still have been in the environment for several months before that critical moment when tools and personnel finally detect the bump in the night and the investigative process can begin. During this conversation, we’ll look at the security ecosystem and some of the reasons why technologies that react to threat activity may not be adequate in this golden age of cyber threats. We’ll also discuss a few of the most important skillsets necessary to cultivate and why personnel and expertise are your secret weapons. Lastly, we’ll suggest some of the most effective sources of evidence to examine as well as some of the analysis techniques you should be using to filter through the noise. Register today!
Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (425)
Subscribers (118235)
Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. By scaling decades of frontline experience, Mandiant helps organizations to be confident in their readiness to defend against and respond to cyber threats. Mandiant is now part of Google Cloud.