1 / 6

Successful Strategies in Enterprise Intrusion Investigations

Successful Strategies in Enterprise Intrusion Investigations. SANS WhatWorks in Forensics and Incident Response Summit 2008. Michael Cloppert Member Technical Staff Lockheed Martin Computer Incident Response Team. Phase 2: Establish a presence. Establish a Presence. Compromise Systems.

michelle-grant
Download Presentation

Successful Strategies in Enterprise Intrusion Investigations

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Successful Strategies in Enterprise Intrusion Investigations SANS WhatWorks in Forensics and Incident Response Summit 2008 Michael Cloppert Member Technical Staff Lockheed Martin Computer Incident Response Team

  2. Phase 2: Establish a presence Establish a Presence Compromise Systems Steal data

  3. But how?

  4. So what now? We have a process! Oh you mean this one? NIST Special Publication 800-61: Computer Security Incident Handling Guide CMU-SEI-2004-TR-015 Defining Incident Management Processes: A Work In Progress Yeah, it’s broken.

  5. Get Intelligent Integration of intelligence acquired through analysis and collaboration is key to successfully managing incidents

  6. Contact Michael Cloppert michael.j.cloppert@lmco.com

More Related