00:40 Intro, background information, how to deal with the psychology and politics in your company
15:34 Reviewing different cards in Backdoors & Breaches, Server Analysis
22:39 Security Information and Event Management Log Analysis (SIEM)
31:12 Firewall Logs, Zeek and RITA
36:31 Segmentation
42:37 Endpoint Security, Protection Analysis, User Behavior and Entity Analytics (UBEA), Endpoint Analysis
49:51 Crisis Management, Isolation
53:29 A sample of inject cards including losing people and the intern killing the system you're working on
How to be prepared for a hack: Or, Death, taxes, and security breaches. Only two of these things have preparation commercials on cable news at 2 am. I know... we stayed up so you don't have to.
We have been working through a couple of breaches recently and something kind of hit us out of the blue... people are not prepared for a breach. They are lacking the proper logging and infrastructure to effectively work through an attack after it has happened.
In the webcast, we cover what things an organization needs to have in place for when a breach happens.
We cover isolation, logging, analysis, and politics. So, this should not be all that hard to cover in an hour.
We also cover some of the mistakes that organizations tend to make in the middle of a breach that somehow make the whole experience that much worse.