Best Practices for Scoping Infections and Disrupting Breaches
Monzy Merza, Director, Security Markets, Splunk
Infection and exploits will occur. The new goal is to prevent those infections from becoming a data breach. To do this successfully, security analysts need the ability to continuously collect, analyze, correlate and investigate a diverse set of data.
Watch this ondemand webinar to hear Monzy Merza, long time Splunker and security researcher, discuss the specific data sources and capabilities required to determine the scope of an infection before it turns into a breach. See a live incident investigation that demonstrates this approach.
In this session, you will learn:
- The capabilities required to distinguish an infection from a breach
- The specific analysis steps to understand the scope of an attack
- The data sources required to gain deep and broad visibility
- What to look for from network and endpoint data sources