Main Stage – Shifting from Static Defense to Live Response
Bio: Shane is a Senior Solution Engineer at SentinelOne, a SANS Instructor, and an Adjunct Instructor at the University of Michigan with over 25 years of experience in military, manufacturing, consulting, and professional services. He is a commissioned officer in the US Army (MI), holds degrees in business (MBA) and computational linguistics (BA), and maintains the following certs: GCIA, GCIH, GCED, CISSP, CTIA.
LinkedIn: https://www.linkedin.com/in/shaneharsch
Abstract: The rise in attacks leveraging exploits that result in attackers living off the land has marginalized not only signature-based solutions, but many adaptive and “next gen” technologies as well. These attacks necessitate operational live incident response to not only detect, but to contain, eradicate, and recover. How does this change the makeup of a SOC or CIRT, and what does a successful small team look like?