Meatspace Indicators and Incident Response presented at BSidesDC 2014

by Nathaniel Richmond,

Summary : Do you ever get non-technical incident indicators? Are non-technical indicators important? Do incident responders sometimes get tunnel vision and forget that monitoring and response are a means to an end? The answers to all these questions are yes.
This talk will discuss the importance of non-technical indicators using the example of a real incident involving a home security breach. You will get a large dose of lessons learned, including how important non-technical indicators can be, how they can be used in combination with traditional technical tools, how the example does and does not apply to operational incident response teams, and how to keep your teenager from pwning you as a parent.