Prof Wool: Advanced Cyber Threat and Incident Management

Lesson 2: Bringing Reachability Analysis into Incident Response

- cyberattack, cyber attack, cyber threat, incident response, Network Security, prof wool, security incident and event management, security management, security policy, siem, splunk

Advanced Cyber Threat and Incident Management: Lesson 2

In this lesson Professor Wool discusses the need for reachability analysis in order to assess the severity of the threat and potential impact of an incident. Professor Wool explains how to use traffic simulations to map connectivity paths to/from compromised servers and to/from the internet. By mapping the potential lateral movement paths of an attacker across the network, the SOC team can, for example, proactively take action to prevent data exfiltration or block incoming communications with Command and Control servers.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Prof Wool: Advanced Cyber Threat and Incident Management

Lesson 2: Bringing Reachability Analysis into Incident Response

Related videos

Products

Application Segmentation Using AlgoSec AutoDiscovery

Demos

AppViz Server Migration

Thought Leadership

Managing network objects in hybrid environments

Ecosystem

Application Segmentation with Cisco Tetration & AlgoSec

Prof Wool: Advanced Cyber Threat and Incident Management

Lesson 1: How to Bring Business Context into Incident...

Prof Wool: Next Generation Firewalls

Lesson 4: Using Next Generation Firewalls for Cyber...

Lesson 2: Bringing Reachability Analysis into Incident Response

Subscribe

Related videos