Forensics on a Dime - Use your SIEM!

Wednesday, February 17, 2010 by Pam Casale

A couple of weeks ago we introduced you to Rob Ayoub from Frost & Sullivan. He was a guest author on “What’s New in Information Security?” and wrote a series on the new forensics.

 

We also reviewed new standards for federal agencies – the Consensus Audit Guidelines. These are part of new guidance to federal government agencies which suggests that “offense must inform defense”, meaning that knowledge of actual attacks that have compromised systems provides the essential foundation on which to construct effective defenses.

 

What better way to “know” the offense than to perform a forensic investigation without having to spend time on traditional, and often expensive, forensic investigation?

 

Intellitactics believes that forensics is another benefit of using a SIEM solution like Intellitactics SAFE or Intellitactics Security Manager. These SIEM solutions allow for easy monitoring of sensitive data and can put critical data at the fingertips of an incident response team, or of law enforcement should a breach be criminal in nature.

 

So we asked Matt Schnarr, a senior security field engineer, to put together a short presentation on using Intellitactics SAFE as a forensic tool to perform preliminary investigations – a fast way to “know” an attack and to discover details to confirm or corroborate. See Matt’s presentation called Forensics on a Dime and then see for yourself how easy it is to use SAFE.

 
