Lessons from the battlefield - real breaches analyzed

Details
https://plus.google.com/events/chhck1d6ueasrpgmq14i1tgfd4g?hl=en
Come join the presentation by Vijay Bolina. He will share gory details (anonymized) of some real-world breaches and the lessons learned from them. This topic is worth a drive or a Caltrain ride from the South Bay. The detailed abstract is below.
Speaker Bio - Vijay Bolina is the Vice President of Information Security at Blackhawk Network, where he is building a team to protect the products and services of the largest global prepaid and financial products network. Prior to Blackhawk Network, Vijay worked at Mandiant as an incident responder, leading some of the largest data breach investigations in history. Prior to Mandiant, Vijay worked with 3-letter agencies in the Washington DC metro area, responding to and combatting some of the most sophisticated attackers targeting the US Government and Military.
Details
Telemetry or custom signals have identified suspicious activity in your environment, but now what? Do I forensicate first or contain first? How do I know I am not missing anything, or whether the attacker is still active? The abundance of commercial security tools and the general acceptance of custom tooling for detection and response have allowed responders to react seemingly more quickly to potential security incidents. This talk will discuss what to do after you have confirmed unauthorized activity or code in your environment, to better prepare for a successful response.
Broadcast details https://plus.google.com/events/chhck1d6ueasrpgmq14i1tgfd4g?hl=en