Oooh! We've Had An Incident! How Should We Respond? presented at saintcon 2016

by Sean Jackson,

Summary : It's better to be informed before you have to act. This talk is aimed to let attendees know a suggested set of steps to establish an Incident Response plan. We will identify the six steps of of Incident Response, ways of assessing the impact from an attack, suggested paperwork, guidelines, communication, legal obligations, chain of custody, and we'll touch on the differences between Incident Response and Forensics. I'll also share some tools and commands to help in assessment and identification of evidence.