DFLabs to Reveal Best Practices for “Live Box” Forensics at SANS Threat Hunting and IR Summit

Back to all articles

DFLabs' Senior Product Manager and an expert in security operations, incident response, digital forensics and investigations John Moran, will present best practices for using “live box” forensics at the upcoming SANS Threat Hunting and Incident Response Summit in New Orleans on September 7, 2018.

As organizations experience an increase in complex cyber threats and advanced attack techniques, such as the use of file-less malware, security operations personnel are turning to the use of “live box” forensics in threat hunting, despite its perceived risks and pitfalls. With this in mind, John will detail the Dos and Don’ts when conducting “live box” forensics for threat hunting and provide a best practices framework for incident response teams. Moreover, he will use a newly released free Windows tool that automates data acquisition to demonstrate “live box” techniques.

Learn more about the Summit here.

You can read the full article here

Read article

Get Started with a One-to-One Personalized Demo

Dramatically reduce the mean time to detection, response and remediation of all potential security incidents, ensuring no alert goes untouched.

See IncMan SOAR in Action.

Request Your Live IncMan SOAR Demo.

DFLabs IncMan SOAR is the pioneering Security Orchestration, Automation and Response (SOAR) platform to automate, orchestrate and measure security operations tasks.

IncMan SOAR harnesses machine learning and automation capabilities to augment human analysts to maximize the effectiveness and efficiency of security operations teams, reducing the time from breach discovery to resolution by up to 80%.

What You'll See in a Demo

See for yourself why IncMan SOAR is the preferred solution of Fortune 500, Global 2000 and MSSP clients. DFLabs IncMan SOAR at a glance:

  • Full and semi-automated Incident Response, improving response times by up to 80%
  • Covers the entire spectrum of IR and SecOps
  • Automated Responder Knowledge (ARK) generated by machine learning
  • Highly flexible and customizable, with over 100 templates and automation actions out of the box
  • Correlation engine correlates all relevant IOCs and artefacts between incidents
  • Multi-tenancy and granular role-based access
  • Dual mode playbooks and intelligence sharing
  • Powerful case management with integrated forensics capabilities.

Yes, I want a demo

DFLabs would like to stay in touch to provide you with marketing related content. By ticking the box you consent to receive educational, company and promotional information from DFLabs and accept DFLabs' Privacy Policy.

* Required fields