Online Training Special: Get a GIAC Certification Attempt Included or $350 Off through 5/29!

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

An Incident Response Playbook: From Monitoring to Operations

  • Wednesday, July 30th, 2014 at 1:00 PM EDT (17:00:00 UTC)
  • Dave Shackleford and Joe Schrieber
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsor

  • AlienVault

You can now attend the webcast using your mobile device!

Overview

As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. Event monitoring and correlation technologies and security operations are often tied to incident handling responsibilities, but the number of attack variations is staggering, and many organizations are struggling to develop incident detection and response processes that work for different situations.

In this webcast, we'll outline the most common types of events and indicators of compromise (IOCs) that naturally feed intelligent correlation rules, and walk through a number of different incident types based on these. We'll also outline the differences in response strategies that make the most sense depending on what types of incidents may be occurring. By building a smarter incident response playbook, you'll be better equipped to detect and respond more effectively in a number of scenarios.

Speaker Bios

Dave Shackleford

Dave Shackleford, a SANS analyst, instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.


Joe Schreiber

Joe Schreiber is a Solutions Architect with AlienVault who has been doing IT security since the days of dial-up. With his team at AT&T Managed Security Services, Joe built one of the world's largest SIEM systems, bringing thousands of devices under real time security management and monitoring more than 2 petabytes of network traffic daily. With Joe's insight and experience, this is guaranteed to be an hour well spent.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.