{"type":"rich","version":"1.0","provider_name":"Transistor","provider_url":"https://transistor.fm","author_name":"Talkin' Bout [Infosec] News","title":"Webcast: Think You're Compromised? What Do We Do Next?","html":"<iframe width=\"100%\" height=\"180\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https://share.transistor.fm/e/35bcafc4\"></iframe>","width":"100%","height":180,"duration":3778,"description":"In this webcast, we will cover what we can do if we think there is a breach on our network. \n\n\n\nWe will cover live forensics, cool PowerShell scripts, network, and event log analysis, cool IR spreadsheets, and checklists.  \n\n\n\nWe will also be covering the status of our ELK project for reviewing Event ID 3 from Sysmon.  \n\n\n\nSo, a lot… Yep… A crazy amount.  \n\n\n\nDownload slides: https://www.activecountermeasures.com/presentations  \n\n\n\n00:00 – Intro \n\n\n\n00:47 – “Ok, But Why” \n\n\n\n02:17 – Have It The Wrong Way \n\n\n\n04:35 – Have It The Right Way \n\n\n\n06:58 – Lego My Incident Response\n\n\n\n08:25 – Monologging On Mute \n\n\n\n11:57 – Wouldn’t Be Prudent \n\n\n\n14:29 – “Better Than Bad, It’s Good”\n\n\n\n21:33 – A Van Full of Free Tools \n\n\n\n44:10 – CSI: Memory \n\n\n\n45:01 – We Got Cheat Sheets if You Want Some Cheat Sheets \n\n\n\n47:20 – Overlapping Venn Diagrams \n\n\n\n49:46 – Questions in the Wild \n\n\n\n59:15 – Sucking at Capitalism","thumbnail_url":"https://img.transistorcdn.com/WPYM9pq_SRUcywHv9tdgpsGLyLx04W2rDmzktvAcD4Y/rs:fill:0:0:1/w:400/h:400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS8xZTA1/ZWZhNDcxZGM4ZTFj/ZGJhMTMwNmYzMmJj/ZjBkNi5wbmc.webp","thumbnail_width":300,"thumbnail_height":300}