Key Learning Points
- Methods for simplified discovery of anomalous user behavior
- Strategies for enabling fast incident response decisions
- How to cope when bombarded with false positive alerts
- Common attacker methods (and why they’re so often successful)
- Why you need to monitor privileged and risky accounts
As security incidents grow in frequency and complexity businesses struggle to be prepared to respond and mitigate the threat. Incident detection and response is expected to take up the majority of security budgets by 2020 but solutions are siloed and specialized staff is hard to hire and retain. How can security professionals who may not be experts in incident response detect and assess the scope of potential incidents or breaches effectively? This case study will explore this question leveraging real-world examples that illustrate how to confidently detect and respond to security incidents 10x faster.
About Christian Kirsch and Travis Turney
J. Travis Turney is the product manager for Rapid7 UserInsight based in Cambridge, MA. He has fifteen years of experience in information security and technology including roles at Internet Security Systems, Dell SecureWorks, and IBM Security Services as security analyst, account management, and various product management roles. Travis holds a B.S. in Management Information Systems with a focus in Information Security from Florida Atlantic University and an MBA from Emory University’s Goizueta School of Business. Travis has been CISSP certified since 2006. Travis also is a co-founder of the Data Science ATL meetup with a diverse community of nearly 2,000 members.
Follow Travis on Twitter
Chris Kirsch has 18 years of security industry experience, with expertise in incident detection and response, security assessments, and cryptography. Chris is a principal product marketing manager at Rapid7 in Boston, Massachusetts. Previously, he held positions at nCipher Corporation, now part of Thales e-Security, and PGP Corporation, now part of Symantec.
Follow Chris on Twitter