Blue teams across the world suffer from the lack of resources, short staffing, and immature tools and policies. Immature and insufficient defensive postures lead to reactive security where catching an intrusion is, at best, discovered hours after it occurs. Based upon years of experience in incident response with a major defense SOC, and performing IR across the commercial realm, this presentation highlights the classic failures and pitfalls that are continually found within networks targeted for attacks. These pitfalls are easily mitigated using best practices such as the Critical Top 20, and we’ll explore how these problems come to exist and how to secure them. Learn how to move from being reactive to being proactive and better your network’s defenses!