homepage
Open menu
Contact Sales

Real-time Incident Remediation

  • Wednesday, 28 Mar 2018 1:00PM EDT (28 Mar 2018 17:00 UTC)
  • Speakers: Jake Williams, Andy Schmid

Organizations are under constant attack leaving IT to investigate hundreds of incidents a day. If a breach or malware attack occurs, there are several steps taken before remediation can begin, causing potentially hundreds of thousands of endpoints to endure vulnerability before IT ops can respond the incident. It is important that security can investigate issues in organizational context as quickly as possible. It's also crucial that operations have the right tools to respond to the incident cross-platform at scale within the organization. In addition, the resolution of the incident should become part of the organizational knowledge base so if the incident reoccurs, the resolution can be automated.

We will discuss:- -

  • EDR Solution takes too long to respond. Talking to 200 hosts is fine, but talking to 20,000 hosts takes forever. '
  • EDR Solutions have blind spots on Linux clusters and some people are using Macs.
  • Scale of product is very important to be able to roll this out.
  • Software inventory is very important. We discuss 10 important factors.
Login to Register

Related Content

Blog
Quest_to_Summit_340x340.png
Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting
The Quest to Summit | SANS ICS Security Summit 2024
Register for the ICS Security Summit to be able to participate in The Quest to Summit and win big prizes.
370x370_Tim-Conway.jpg
Tim Conway
read more
Blog
N2C_blog_image.png
Security Awareness, Cybersecurity Leadership, Cloud Security, Open-Source Intelligence (OSINT), Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting, Cybersecurity and IT Essentials, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, CyberLive, Workforce Development, Career Development, Why Certify, Imposter Syndrome, NetWars, Mentorship, Job Hunting, Operating System & Device In-Depth, Artificial Intelligence (AI)
A Visual Summary of SANS New2Cyber Summit 2024
Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2024
370x370-person-placeholder.png
Alison Kim
read more
Blog
Blog: Google Chrome Platform Notification Analysis
Digital Forensics, Incident Response & Threat Hunting
Google Chrome Platform Notification Analysis
In this post, Chad Tilbury uses the new Arsenal Recon LevelDB Recon tool to examine the Chrome Platform Notifications database.
370x370_Chad-Tilbury.jpg
Chad Tilbury
read more