FIRST - Improving Security Together 18th Annual FIRST Conference - June 2006 - Baltimore, Maryland

The Network-Centric Incident Response and Forensics Imperative







Platinum Sponsor

BT



Silver Sponsor

Diageo



Local Host

CERT Coordination Center



Supporting Sponsors

Sun



Google



Hitachi



ISS



E-Secure-IT

Korea CertCC



Conference Schedule

Business/Management Track

Friday – June 30th, 15:00

Security staff often take a host-centric approach to determining the scope and damage of computer intrusions. Standard forensics techniques are hard-drive centric, with collection and analysis of live data only gradually being adopted. This presentation offers a complementary set of practices focusing on network-centric techniques. In an age of kernel-based rootkits and savvy intruders, sometimes only the network can tell the truth.

Authors & presenters

  • USRichard Bejtlich Presenter (TaoSecurity, US)


Conference Schedule