Improving the Incident Response Function: SANS 2018 Incident Response Survey Results Part II

  • Thursday, 01 Nov 2018 1:00PM EDT (01 Nov 2018 17:00 UTC)
  • Speakers: Matt Bromiley, Andy Schmid, Ryan Trost, Mike Stewart

Incident responders are catching and remediating threats faster than ever, according to past SANS surveys. Much of their success can be attributed to improving technologies, such as threat intelligence--73 percent of respondents to last year's survey said they were using threat intelligence to enable more accurate investigations.

This webcast will release results from the SANS 2018 Incident Response Survey, developed by Matt Bromiley, SANS Digital Forensics and Incident Response (IR) instructor and GIAC board member. Matt will explore how integration and automation can help IR teams find efficiencies and protect their environments, including:

  • Processes and technologies that work best in responding to threats
  • Where and how intelligence, analytics, threat hunting and other new technologies fit into investigation workflow
  • Improving remediation workflow to thoroughly identify and clean impacted systems
  • Completing the loop to patch and repair vulnerabilities discovered in the investigation
  • Best ways to inform prevention systems to be on the lookout for similar threats
  • Benchmarking against past performance for continuous program improvement

Attend this webcast and gain access to the full survey report written by Matt Bromiley.

Register here for Part I of this webcast: How Are You Responding to Threats?