Responding to Incidents within the “Breakout Time” Window presented at DataConnectorsAnaheim 2019

by Con Mallon,

Summary : A 2018 Global Threat Report details how adversaries typically dwell for 1 hour and 58minutes before taking action after they’ve initially gained access to a machine. This “Breakout time”, is all the time until an intruder jumps from the machine that’s initially compromised and moves laterally through your network.This is a crucial window to stop the breach, but is not the only metric you need to know. When an attack is in progress, you have on average of one minute to detect it, 10 minutes to understand it and one hour to contain it. Is your organization ready to meet the 1/10/60 minute challenge?Join our security experts for an important, in-depth discussion of the common hurdles organizations face in establishing an effective IR process.You will also learn how next-gen technology including endpoint detection and response (EDR) can help you overcome them.