Incident Response: Security After Compromise - Richard Bejtlich
Title: Incident Response: Security After Compromise
Too often security and IT professionals believe that once a system is compromised, “security” has failed. In the world of Incident Response, security is just beginning. In this talk Richard Bejtlich will share thoughts on how to make incident response work for the benefit of an intrusion victim. He will talk about key ideas that show an organization can suffer compromise yet not suffer real damage, despite the worst intentions of the adversary.
Speaker: Richard Bejtlich, Chief Security Officer, Mandiant
Richard Bejtlich is Chief Security Officer at MANDIANT. He was previously Director of Incident Response for General Electric, where he built and led the 40-member GE Computer Incident Response Team (GE-CIRT). Richard began his digital security career as a military intelligence officer at the Air Force Computer Emergency Response Team (AFCERT), Air Force Information Warfare Center (AFIWC), and Air Intelligence Agency (AIA). Richard is a graduate of Harvard University and the United States Air Force Academy. He wrote "The Tao of Network Security Monitoring" and "Extrusion
Detection," and co-authored "Real Digital Forensics." He also writes for his blog (taosecurity.blogspot.com) and Twitter (@taosecurity).
Date:Friday October 26, 2012 10:00am - 10:45am
Location:AppSecUSA, Austin, TX. Hyatt Regency Hotel.Gluu Room
Track: Case Studies