Presented at ToorCon San Diego 20 (2018)
Sept. 14, 2018, 2:30 p.m.
Experienced InfoSec professionals are familiar with leveraging digital forensics in their incident response efforts. There are other opportunities to let the data tell the story, provide insight on risks your organization face, with how to mitigate those risks. What are these opportunities, how can you leverage forensics for these opportunities, & how do you acquire such capabilities?
When leveraging digital forensics, there are opportunities to let the data tell the story beyond our incident response efforts. Let the story provide insight on the risks your organization face, provide insight on how to mitigate, and provide the evidence to take the actions needed. What sort of organizations and what sorts of use cases are there; and what real world examples have organizations been able to leverage digital forensics to identify and manage their risks?
IrishMASMS is an old school hacker, fighting the good fight in Computer Network Defense (CND)/blue team efforts for more than 18 years. He has been lurking about since DEFCON 10, a panel member at HOPE 5, a presenter at a couple of Notacons, and a few other conferences where it may be hard to remember what really occurred. Having progressed through the ranks from a Security Operations Center (SOC) analyst to manager and director of Information Security risk management programs, he has experienced the wide opportunities for pain in our industry — and desires to help improve rather than perpetuate, nurture rather than exclude. (Is this where we mention cyberderp?)