Anyone will tell you that incident response is a set of procedures for an investigator to examine a security incident—but because of the non-standard nature of investigations, incident response can be interpreted as more of an approach than a science. This involves figuring out what happened, gauging the damage and preserving information related to those events through various tools. As a security practitioner, if you don’t accurately respond to an incident, then you won’t know how it occurred, and you won’t be able to plug the hole (aka, it could easily happen again).

Join us for this eSummit and explore what practitioners are using to probe parts of the operating system, what automation you can apply and how to make your data results useful in the aggregate.

eSummit Sponsors: