(PRWEB) December 11, 2014
Plixer International, a leading incident response and forensics gathering company, announced today that they will be presenting a one-hour webcast on the topic of Malware Incident Response on Thursday, December 18, 2014 at 11 AM EST. Joining Plixer will be guest speaker Sean Bodmer, Founder of Pragmatik IO and its lead Infection Cleanup Specialist, who will present case studies of Fortune 500 companies that have hired his company to identify infected machines, measure the scale of the infections, and systematically remove the contagions.
“We are trying to encourage the importance of off-system logging solutions. Syslogs, event logs and NetFlow all need to be collected, monitored, and warehoused for a period of time. These critical pieces of information have long gone undervalued until an intrusion occurs, and then firms realize how much of a difference they can make,” says Sean Bodmer. “Systems like Scrutinizer are the repositories our team turns to when we have to investigate the digital footprints of an infiltration. Without logs, we have to bring in our own systems and start the collection going forward. This means we sometimes can’t start cleaning up the infection until we have data to understand what is happening. Companies need to be proactive and log data now!”
Sean’s presentation will include details on the steps his team takes, from discovery to complete removal of the malware. After Sean’s presentation, Michael Patterson, Co-Founder and CEO of Plixer, will present how NetFlow and IPFIX can be used to profile end system behaviors to identify unwanted communications. He will introduce strategies on building your own incident response plan, and how to make sure it stays effective.
“Flow collection has become a big data issue for larger enterprises. Distributed collection, fault tolerance, and fast incident response are major topics on most calls with customers,” says Michael Patterson. “Our clients want the flow reporting integrated with other forms of contextual information, such as Cisco ISE and packet capture. We are going to demonstrate all of this, as well as how to use flow data to monitor for unique business applications that exist in every company.”
The webcast will finish by informing listeners how to get started with an Incident Response Plan, including comprehensive examples of what it needs to contain. Details on how to make sure your response plan is going to work within your company will also be offered. For more information and to sign up for the webcast, visit https://www1.gotomeeting.com/register/840284073.