forensic to improve incident response

General (Technical, Procedural, Software, Hardware etc.)

Last Post by afsfr 6 years ago

1 Posts

1 Users

0 Reactions

847 Views

RSS

afsfr

(@afsfr)

Eminent Member

Joined: 7 years ago

Posts: 37

Topic starter 11/12/2019 2:18 am

Our forensic team is challenged by incident operation team, they raised the concern

forensic give clear explanation of attack and good root cause analysis and collect evidence, but no improvement of overall incident response process, previously incident response team block malicious IOC even without forensic analysis, monthly breach ticket around 15000 per month, after forensic come into picture, they encounter 10% more tickets and no reduction of tickets

and incident response time increase 20% and the whole process (from ticket open to close) is slowing down

I'm thinking the forensic contribution regarding the incident response, anyone has the similar experience, thanks

Quote

8 Forums
15.7 K Topics
92.3 K Posts
318 Online
41.1 K Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed