This goes to Level 2 Your goal is to mark yourself as pro I don’t have access Look at the geographical data I’m helping out on-call It’s been a meeting heavy day Does this look malicious? Forensic Analysis Did you look at session traffic Have you looked in Wiz? I can set you up with a mentor I need some coffee IR takes priority So who has questions about their ticket? This is TOR We need these logs in Splunk Compromise IOC Add more resources We will automate Security event not an IR Do I have access to this? Tell me more about… We need that on the wiki Did you notify SVIC? This goes to Level 2 Your goal is to mark yourself as pro I don’t have access Look at the geographical data I’m helping out on-call It’s been a meeting heavy day Does this look malicious? Forensic Analysis Did you look at session traffic Have you looked in Wiz? I can set you up with a mentor I need some coffee IR takes priority So who has questions about their ticket? This is TOR We need these logs in Splunk Compromise IOC Add more resources We will automate Security event not an IR Do I have access to this? Tell me more about… We need that on the wiki Did you notify SVIC?
(Print)
This goes to Level 2
Your goal is to mark yourself as pro
I don’t have access
Look at the geographical data
I’m helping out on-call
It’s been a meeting heavy day
Does this look malicious?
Forensic Analysis
Did you look at session traffic
Have you looked in Wiz?
I can set you up with a mentor
I need some coffee
IR takes priority
So who has questions about their ticket?
This is TOR
We need these logs in Splunk
Compromise IOC
Add more resources
We will automate
Security event not an IR
Do I have access to this?
Tell me more about…
We need that on the wiki
Did you notify SVIC?
