Your message has been sent

You can find the message in your personal profile at "My messages".

An error occured

Please try again.

Make an appointment with

So that you can make an appointment, the calendar will open in a new tab on the personal profile of your contact person.

Create an onsite appointment with

So that you can make an onsite appointment, the appointment request will open in a new tab.

Make onsite appointment

Forums it-sa Expo Knowledge Forum C

Cyber Defence Lifecycle: The way back to normal operations

Why major incidents happen - practical experience reports.

Buy trade fair ticket

You can register for this action soon.

You can register for the digital action soon.

Please come back at the scheduled date and time.

The action is currently live. Please scroll down to watch.

This action is only available onsite: Forums it-sa Expo

Add action to bookmarks and download as iCal

Join now

Note: If you continue, the contact data you provided during registration may be transmitted to the respective provider in accordance with our General Terms and Conditions.

Please log in or register in advance so that you can take part in actions or watch the action videos!

This action has already taken place. This action will soon be available as a video.

This action has already taken place. Please scroll down to watch the video.

This action has already taken place. Please login or register to watch the video.

This action has already taken place. It's not available any more.

You are in!

Your ticket / access to the action was sent to you by email.

There is a problem with the action at the moment. Please come back later or contact support.

calendar_today Tue, 25.10.2022, 11:00 - 11:15

event_available On site

Action Video

south_east

Action description

south_east

Speaker

south_east

Themes

SIEM / Threat Analytics / SOC

Organizer

SEC Consult Deutschland Unternehmensberatung GmbH

Event

This action is part of the event Forums it-sa Expo

Action Video

Action description

Firewall and antivirus systems alone do not provide sufficient protection against cyber attacks. This awareness is already present in most organisations and companies and SIEM systems as well as EDR tools are increasingly part of the toolbox of corporate IT security departments.

However, despite monitoring of systems and advanced machine learning technology integrated with Next Generation Virus Protection, entire corporate structures are regularly compromised. As team leader of a Managed Incident Response Team, I share with you the experiences that my colleagues and I have gathered in past deployments and explain why these solutions have become almost indispensable - but do not represent an insurmountable hurdle for half-skilled attackers on their own. ... read more