Overview
Explore automated incident response techniques using APIs in this 38-minute LASCON conference talk. Discover how to leverage simple scripts and APIs to process forensic post-incident information, addressing the challenges faced by incident response teams. Learn about tools and techniques for handling high-volume security events, cleaning up incidents, managing evidence, preventing further damage, and reconstructing attack chains. Follow along as the speaker walks through an incident, demonstrating how to build a comprehensive narrative using various data sources to fully analyze and respond to security breaches.
Syllabus
Baruch Mettler - Easy-bake IR - Automated incident response using the power of APIs
Taught by
LASCON