WOPR Summit 0x01

Couch to 500k: An IR Marathon Survival Guide
2022-10-21, 14:30–15:20 (US/Eastern), Talk Room

We play how we practice, and there's no time like the present to hit the SIEM, flex that change control, and make sure all your business units are in shape.
Join LitMoose, a global incident responder who has handled single disk to 500k+ endpoint environments in the throes of attack, to talk about things you can be doing to prep yourself and your team for surviving the IR marathon. You never know when you'll wake up and find yourself running.


Briefly lay out different types of IR -- different plans for different situations.
Assigning roles and responsibilities, but minding the gaps (teamwork makes the dream work).
Scalability and keeping remediation fluid through the findings.
Knowing when to hold and when to fold -- preventing burnout for you and your teams.

Moose has over a decade of experience in information security with the majority of her waking hours (and some not-waking hours) consumed by the ever-burning IR fire.
She is a lover of logs, unallocated space dumpster diver, shaker of malware, and C-level grief counselor.
Moose currently works as a Manager of Incident Response Services at CrowdStrike, is the support-human to 5 cats, and operates a wildlife halfway-house in NYC.