Automating Incident Response: Scalable and Fast, Within Minutes

Explore a 30-minute conference talk from the SANS DFIR Summit 2024 that delves into automating incident response for scalable and rapid solutions. Learn how to shift from traditional digital forensics to an automated strategy combining investigative skills with a DevOps mindset. Discover how to automate the incident response process of acquiring, processing, and analyzing data using open-source software packages from Microsoft, Spector Ops, Google, Rapid7, Fox-IT, Elastic, KROLL, HashiCorp, and Jupyter. Follow the journey from manual tool usage to automatic implementation, with practical examples and emphasis on applying DevOps principles to daily incident response tasks. Gain insights from speakers Zawadi Done and Mattijs Dijkstra of Hunt & Hackett as they address the challenges posed by increasing frequency and scale of security incidents in today's digital landscape.