SOC It To Me: Lotsa Logs
How MS-ISAC CIRT Reconstructs Incident Data
Having the right data at the right time can make all the difference. Join this webinar to learn how the pros from the MS-ISAC Cyber Incident Response Team (CIRT) do it.
From the event website:
“The Cyber Incident Response Team (CIRT) is the one MS-ISAC team we hope you never have to work with. That's because when they're called in, you're already in the thick of it. CIRT operates on the front lines of digital defense, responding to active cyber incidents, helping organizations identify, contain, and remove unauthorized threats."
"In this session, we'll dive into the essential role of log retention in incident response and why having the right data at the right time can make all the difference. You'll gain insights into strengthening your security posture by understanding what logs matter most and how they reveal the story of an attack. To bring theory into practice, a CIRT analyst will walk you through techniques for locating, analyzing, and interpreting logs during investigations. With "Lotsa Logs" at your fingertips, learn how to separate the wheat from the chaff and uncover answers when every second counts."
Webinar Registration Process for Zoom
- Upon registering, you will receive an email confirmation from “MS-ISAC Training and Education <noreply-zoomevents@zoom.us>”. You may also receive a direct calendar invite. If you do not, the confirmation email contains links to download a calendar invitation based on the type of calendar you’re using.
- You can no longer share calendar invitations with others. Zoom provides a unique join link to each person; therefore, each attendee must register individually. However, please note you are still able to register after a webinar has started.
Please feel free to contact info@cisecurity.org with any questions.
--------------------------------------------
MS-ISAC Overview and Mission
The Multi-State Information Sharing and Analysis Center (MS-ISAC), a program within the Center for Internet Security (CIS), is the focal point for cyber threat prevention, protection, response, and recovery for the nation’s State, Local, Tribal, and Territorial (SLTT) governments.
The mission of the MS-ISAC is to improve and facilitate the maturity of the overall cybersecurity posture of the nation’s SLTT governments through focused and collaborative cyber threat prevention, protection, response, and recovery.