Lessons from the Attack Chain: Bolster Your IR Program

It’s challenging to build out your Incident Detection & Response program when you’re wading in alerts and expected to cover cloud services, contractors, and remote workers, as well as your core infrastructure. In this session, Eric Sun will cover best practices from Rapid7’s Incident Response and Penetration Testing teams, and share the top gaps in security coverage today.

Key Learning Points:

• Review the top attack vectors behind breaches
• Go through the steps of the attack chain, from Infiltration to Persistence
• Best practices for building out your IR Program – how do you demonstrate progress?
• How Security Teams are using User Behavior Analytics today
• Rapid7’s approach and vision for Incident Detection and Response