A Basic Guide to Advanced Incident Response - Scott Roberts BSides Columbus Ohio 2015  (Hacking Illustrated Series InfoSec Tutorial Videos)

The moment a computer security incident happens, it is too late to plan for one. In this talk we will discuss the most common incident response preparations, both in terms of technology and procedures, and discuss how these can be leveled up. Moving beyond the traditional "whack-a-mole" approach to incident response leads to a series of problems that have been solved by intelligence agencies, special operations teams, and Japanese manufacturing companies. We'll discuss these solutions and answer the following questions: What is Intelligence Driven IR, really (and what is it not)? What are some of the best sources for finding and developing intelligence? How do you get started building an intelligence-driven IR capability? What tools can make intelligence-driven incident response better? This should make any team better prepared to identify and respond to intrusions.

Scott J Roberts works for GitHub and makes up his title every time he’s asked, so we’ll say he’s the Director of Bad Guy Catching. He has worked for 900lbs security gorillas, government security giants & boutiques, and financial services security firms and done his best to track down bad guys at all these places. He’s released and contributed to multiple tools for threat intelligence and malware analysis. Scott is also really good at speaking in the 3rd person.
