You get an alert on an attack. You check it out and you find a real breach. You are able to stop it. Job done.
Or is it? Do you know how the attacker got in? Do you know if this is the only system they compromised? Do you know what they did next, before you found them?
In this session, Arbor will show you the importance of understanding lateral movement and the ability to understand the entire extent and impact of a breach. Know if your compromised system was used to attack further hosts and if so what was done. Build an evidence trail that can be used to identify every facet of the attack and the methods used, quickly and simply.