In our latest webcast, we heard from Christian Kirsch, Principal Product Marketing Manager at Rapid7 on, “When Every Minute Counts: Accelerating Incident Investigations”. In this webcast, Chris spoke about the major challenges incident responders face, and what they can do to tackle these challenges head on and significantly reduce investigation time. Read on to learn the top 3 takeaways from this broadcast:
1. It's Asymmetric Warfare, and time is not our side – Attackers have a significant advantage over incident responders: time. An attacker needs less than a day to get their job done – to get in and compromise a company, get to the data, and exfiltrate it. On the other hand, responders often need more than a month to resolve a security incident - not including time to detection (the average breach is detected after 229 days!).
2. Speed Matters! – To start getting the upper hand, incident responders need to be able to stop attackers before they steal data or gain persistence on a network. Companies will save money by spending less time on investigations and reducing the amount of clean up that needs to be done after a breach. How can this be done? By leveraging tools and processes that enable security professionals to work faster and more efficiently.
3. Something CAN be done – Some of the top challenges faced by incident responders include the inaccessibility of long term data when conducting an investigation (a big problem considering the aforementioned average detection time), the difficulty of correlating user activity to a security event, and a lack of good tools for tracking and communicating the findings of an investigation. The latest feature in UserInsight, the Interactive Investigation Timeline, takes on and simplifies each of these challenges for incident responders.
To learn more about how to significantly reduce investigation time, and see the new Interactive Investigation Timeline feature in action – view the full webcast on-demand now.