Blue Team Sprint: Let’s fix these 3 things on Monday

We’re all overworked. During this presentation we will discuss (and deploy) 3 things that you can implement on Monday that WON’T require 3 additional engineers 3 weeks to accomplish.

We’re all overworked. We all wish we had an extra set of hands. During this presentation we will discuss (and teach you how to deploy) 3 things that you can implement on Monday that WON’T require 3 additional engineers 3 weeks to accomplish… 3 things that, if you don’t have them already, will be very valuable in most incident response and vulnerability management scenarios.

  1. Network Baselines
  2. Application Baselines with AppLocker
  3. Log management/indexing with Elastic Stack

Note: This is going to be fast, but it will be recorded, and the slides will be available to provide you with step-by-step instructions.

Note 2: I learned my lesson last year, and we WILL support IPv6 :p

About the Speaker