Dennis Rand is working at JN Data a financial hosting company in Denmark where he is focusing around the areas Incident response and Threat intelligence.
Utilizing MISP into your Incident reponse plan
Based on working with multiple intrusions the one thing that often fails in larger organisations is the
Containment and Eradication part. It is often hard to coordinate a joint containment plan that will work across multiple platforms, systems and customer combined with change management and get all of these parts tied together and implemented within a time periode of less than 30 minutes.
The talk will cover how the usage of MISP can assist in the part of the Incident reponse process allowing the IR team to be much more in control on both large and minor incidents with in the parts of Detection & analysis and Containment and Eradication.