A Security Engineer’s Nightmare – Investigating a Security Breach

Thu, August 20, 2020 @ 10:00 am PT

Join Steve Litras, Cribl’s Lead Technical Evangelist, for this event.

As a security professional, you pride yourself on your ability to protect your enterprise from threats. You’ve carefully planned and monitored the security of the network, applications in the cloud, and IoT endpoints. That’s when your nightmare scenario surfaces: you discover a breach and it happened more than a year ago – how will fix any existing vulnerabilities and find out what happened?

In this webinar, Cribl Lead Technical Evangelist, Steve Litras will walk through the painful tasks of executing a successful security breach and offer some strategies for making it a lot easier. Topics include:

  • How to get old logs back into your SIEM tool for analysis (including thawing old log buckets)
  • Determining the optimal length to retain log data in expensive analytics tools
  • Strategies for storing log data in low-cost storage in case you need to analyze it later