Proving the negative - no we didn't breach you

  • Friday, 08 Jul 2022 1:00PM EDT (08 Jul 2022 17:00 UTC)
  • Speaker: Jake Williams

Every incident response team has dealt with the nightmare situation where a third party says "we have an incident - and it came from your network." Third-party notifications are no fun to deal with. You're effectively starting from "something happened, but we have limited (if any) IOCs." It gets *so much worse* when the team investigates but concludes you were in fact *not* the source of the incident.

In this webcast, Jake walks you through how packet capture helps in handling third-party notifications. Whether you end up proving the negative or quickly confirming that the notification is legitimate, *indexed* packet capture rapidly moves you from notification to triage to response.