Performing Effective Incident Response presented at Blackhat USA 2005

by Kevin Mandia,

Tags: Security

Summary : During the course of 2004 and 2005, we
have responded to dozens of computer security incidents at some of
America’s largest organizations. Mr. Mandia was on the front lines
assisting these organizations in responding to international computer
intrusions, theft of intellectual property, electronic discovery issues,
and widespread compromise of sensitive data. Our methods of performing
incident response have altered little in the past few years, yet the
attacks have greatly increased in sophistication. Mr. Mandia addresses
the widening gap between the sophistication of the attacks and the
sophistication of the incident response techniques deployed by “best
practices.”