Webcast: How to Prepare Before the Compromise

Click on the timecodes to jump to that part of the video (on YouTube)

Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_HowtoPrepareBeforeCompromise.pdf

00:40 Intro, background information, how to deal with the psychology and politics in your company

15:34 Reviewing different cards in Backdoors & Breaches, Server Analysis

22:39 Security Information and Event Management Log Analysis (SIEM)

31:12 Firewall Logs, Zeek, and RITA

36:31 Segmentation

42:37 Endpoint Security, Protection Analysis, User Behavior and Entity Analytics (UBEA), Endpoint Analysis

49:51 Crisis Management, Isolation

53:29 A sample of inject cards including losing people and the intern killing the system you’re working on

This webcast was originally recorded live on October 9th, 2019 with John Strand.

How to be prepared for a hack: Or, Death, taxes, and security breaches. Only two of these things have preparation commercials on cable news at 2 am. I know… we stayed up so you don’t have to.

We have been working through a couple of breaches recently and something kind of hit us out of the blue… people are not prepared for a breach. They are lacking the proper logging and infrastructure to effectively work through an attack after it has happened.

In the webcast, we cover what things an organization needs to have in place for when a breach happens.

We cover isolation, logging, analysis, and politics. So, this should not be all that hard to cover in an hour.

We also cover some of the mistakes that organizations tend to make in the middle of a breach that somehow make the whole experience that much worse.


