Forensic Analysis I can set you up with a mentor IR takes priority Security event not an IR Do I have access to this? We need these logs in Splunk This goes to Level 2 We will automate Add more resources I need some coffee I don’t have access Have you looked in Wiz? Does this look malicious? Tell me more about… Look at the geographical data Compromise IOC Did you notify SVIC? Your goal is to mark yourself as pro It’s been a meeting heavy day We need that on the wiki This is TOR So who has questions about their ticket? I’m helping out on-call Did you look at session traffic Forensic Analysis I can set you up with a mentor IR takes priority Security event not an IR Do I have access to this? We need these logs in Splunk This goes to Level 2 We will automate Add more resources I need some coffee I don’t have access Have you looked in Wiz? Does this look malicious? Tell me more about… Look at the geographical data Compromise IOC Did you notify SVIC? Your goal is to mark yourself as pro It’s been a meeting heavy day We need that on the wiki This is TOR So who has questions about their ticket? I’m helping out on-call Did you look at session traffic
(Print)
Forensic Analysis
I can set you up with a mentor
IR takes priority
Security event not an IR
Do I have access to this?
We need these logs in Splunk
This goes to Level 2
We will automate
Add more resources
I need some coffee
I don’t have access
Have you looked in Wiz?
Does this look malicious?
Tell me more about…
Look at the geographical data
Compromise IOC
Did you notify SVIC?
Your goal is to mark yourself as pro
It’s been a meeting heavy day
We need that on the wiki
This is TOR
So who has questions about their ticket?
I’m helping out on-call
Did you look at session traffic
