Stop! Don’t Make That Noob Incident Handling Mistake
44CON Information Security Conference via YouTube
Overview
Syllabus
Intro
Steve's background
Cyber CPR
Corporate Mode
What is Instant Response
Why do we care
PWC UK Business Survey
Stress Balls
Chess
Network
Plate Pieces
Playing Chess
Losing Pieces
Losing Data
Always Observe
Maneuverability
Chuck Norris
Bruce Lee
Basic Tools
Best Tools
Taekwondo
The Brave
Cyber Espionage
The Six Stages
Not having an Incident Response Plan
Overly complicated large documents
Knowledge transfer is only by experience
I am the most valuable person
Why compromise a domain controller
Another management fail
Assessment
Classic Attacks
How fast to containment
They sit in the domain
They find old export code
Restoring a previously vulnerable version
Flattening malware
Defending your tempo
Planning an incident
Managing an incident
Lego Cyber Crisis Planning Room
What does it do
Does it pull out from Peek
I have this bad reputation
with demos
separate out incidents
index and crosscheck
Shaggy ScoobyDoo
Taught by
44CON Information Security Conference