The Race to Detection: IR Trends, Tools and Processes That Close the Gap
- Wednesday, August 12th, 2015 at 1:00 PM EDT (17:00:00 UTC)
- Alissa Torres and Jim Raine
You can now attend the webcast using your mobile device!
Through interviews with key personnel at leading professional services firms and boutique incident response consultancies, with input from a variety of incident response professionals, SANS has gathered actionable insight into the key elements of successful incident response: effective utilization of people, processes and technology.
This webcast will address the current nature of IR operations and emerging trends from leading professional service firms and practitioners in the field. Questions to be explored include:
- What are the keys to effective incident response practice in organizations today?
- What are the major obstacles to detection and incident scoping encountered by IR teams?
- How can organizations "pave the way" for faster detection and remediation?
- What tools/technologies work for in-house and third-party service providers?
- Where are the perceived gaps in tools/technologies?
- What is on the horizon that will affect future incident response processes?
- What are the key considerations for measuring, monitoring and benchmarking against the critical security controls?
Be among the first to receive the associated whitepaper written by Alissa Torres.
View the associated whitepaper here.
Alissa Torres is a SANS Analyst and certified SANS instructor specializing in advanced computer forensics and incident response (IR). She has extensive experience in information security in the government, academic and corporate environments. Alissa has served as an incident handler and as a digital forensic investigator on an internal security team. She has taught at the Defense Cyber Investigations Training Academy (DCITA), delivering IR and network basics to security professionals entering the forensics community. A GIAC Certified Forensic Analyst (GCFA), Alissa holds the GCFE, GPEN, CISSP, EnCE, CFCE, MCT and CTT+ certifications.
Jim Raine is the director of technical engagement for the Bit9 Business Development group. He engages technical audiences from companies focused on providing incident response services and managed security providers who are interested in licensing Bit9 technology for inclusion in fixed-function and cybersecurity products. Over his 20+ years of network ad security experience Jim has managed large service, support and sales teams supporting international commercial, defense and systems integrators across perimeter, physical, wireless and endpoint security architectures. He holds the CISSP certification and is a 10-year CCIE Emeritus.