Beyond 'Check The Box': Powering Intrusion Investigations

Presented at Black Hat Asia 2014

Many organizations have implemented robust security tool suites and “checked the box” on security logging standards. Yet many of these same organizations have not considered how these tools would effectively support an incident investigation effort.


Presenters:

  • Jim Aldridge - Mandiant
    Jim Aldridge is a Senior Manager with Mandiant, a division of FireEye, Inc. Based in the Washington, D.C. area, Jim focuses on helping global organizations respond to complex incidents. The majority of his cases involve targeted intrusions by state-sponsored threat actors. Jim also has expertise in the areas of penetration testing, security architecture and security strategy.
