Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place a mark (an X, a checkmark, a dot, a tally mark, etc.) on each cell as you announce it to keep track. You can also cut out each item, place the pieces in a bag, and pull them from the bag.
So who has questions about their ticket?
I need some coffee
I can set you up with a mentor
I’m helping out on-call
Look at the geographical data
I don’t have access
This goes to Level 2
Forensic Analysis
Add more resources
Did you look at session traffic
We will automate
It’s been a meeting heavy day
Your goal is to mark yourself as pro
Do I have access to this?
IR takes priority
Compromise IOC
Security event not an IR
Does this look malicious?
Did you notify SVIC?
Tell me more about…
Have you looked in Wiz?
We need that on the wiki
This is TOR
We need these logs in Splunk