Part 2: Incident Response - How Can We Be More Proactive for the Future?
- Thursday, August 20th, 2015 at 1:00 PM EST (17:00:00 UTC)
- Alissa Torres, Justin Falck, Gary Sockrider, and Wade Woolwine
You can now attend the webcast using your mobile device!
Incident response is a hot topic among the SANS audience. In SANS' 2014 survey on Incident Response, only 9% of organizations felt their incident response process were "very effective," yet the majority of respondents operated under the assumption that they will be breached. This two-part webcast will focus on what is and isn't working for incident responders, what they can do about it, and how they can become more proactive in responding to incidents.
Part 1 of the webcast, on Tuesday, August 18, will provide a look at the current state of incident response policies and practices and how the IR landscape has changed since the 2014 survey.
This webcast, Part 2 of the webcast, will address:
- How respondents can be more proactive in their policies and practices
- What respondents wish for to improve their ability to respond to security incidents efficiently and effectively
Be among the first to receive the associated whitepaper written by Alissa Torres.
Survey results reveal an increasingly complex response landscape and the need for automation of processes and services to provide both visibility across systems and best avenues of remediation. Read this paper for coverage of these issues, along with best practices and sage advice.
Alissa Torres is a SANS Analyst and certified SANS instructor specializing in advanced computer forensics and incident response (IR). She has extensive experience in information security in the government, academic and corporate environments. Alissa has served as an incident handler and as a digital forensic investigator on an internal security team. She has taught at the Defense Cyber Investigations Training Academy (DCITA), delivering IR and network basics to security professionals entering the forensics community. A GIAC Certified Forensic Analyst (GCFA), Alissa holds the GCFE, GPEN, CISSP, EnCE, CFCE, MCT and CTT+ certifications.
Justin Falck is a technical product manager responsible for defining and assuring the implementation of the technical strategy of Carbon Black. Before Bit9 + Carbon Black, Justin was at Goldman Sachs, where he was a vice president in their Threat Management Center. There, he developed standard operating procedures for hunter missions, led incident response efforts, worked on threat intelligence capabilities and guided firm leadership on cyberthreat prevention, detection and response. Prior to Goldman Sachs, Justin spent five years with the CIA as a technical operations officer.
Gary Sockrider, is a principal security technologist at Arbor Networks and an industry veteran who brings with him over 25 years of broad technology experience ranging from network security to routing and switching, data center, mobility and collaboration. His previous roles include security SME, consultancy, customer support, IT and product management. He seeks to understand and convey the constantly evolving threat landscape, as well as the techniques and solutions that address the challenges they present. Prior to joining Arbor in 2012, he spent 12 years at Cisco Systems and held previous positions with Avaya and Cable & Wireless.
Wade Woolwine, manager of Strategic Services, leads incident response initiatives for Rapid7. Previously, he played an integral part building Mandiant's managed defense business, with a team responsible for delivering all incident response activities, performing intelligence management and technology integration, and guiding research and development on new threat detection and incident response techniques. During his career, Wade has also helped build application security capabilities and served as a threat detection and incident response analyst. When not delivering world-class services for his employers and customers, he speaks at conferences and contributes to the security community through groups like OWASP and NoVAHackers.