Finding Evil: Building an Incident Response Plan for Any and Every Incident
Matt Bromley, Senior Principal Managed Defense Analyst, FireEye Mandiant
About this talk
Responding to a cybersecurity incident is an arduous event, leading to long hours and can impact a security team's confidence. Incident response is even worse when your organization as no plan in place and is "winging it", hoping that the attacker may eventually get bored and leave your environment. But, simply "having" a plan is not enough.
The best plans are thoroughly tested and modified as needed. An incident response plan may have a shelf life of a month, a quarter, or half a year. But how do we determine when to change, and what to change? Intelligence and knowledge of the latest threats helps bring all that together.
Join us for this Finding Evil webinar where we are going to look at :
- How to use the six-step incident response to build a resilient plan that can stand up to any incident,
- How to integrate threat intelligence and frameworks like MITRE ATT&CK and D3FEND into your incident response plan to make it more resilient,
- When and how often should an organization look at their incident response plan, and
- How to make adjustments to your incident response plan as you incorporate new technology, people, and processes.
We look forward to having you join us and, as always, our event will also feature a live Capture the Flag (CTF) event to allow attendees to get hands-on with a "real" incident. See you there!