<<
Logs for Incident Response
Anton Chuvakin, Ph.D., GCIA, GCIH, GCFA Chief Logging Evangelist
Mitigating Risk. Automating Compliance.
LogLogic Confidential Monday, June 23, 2008 1 Logs for Incident Investigations
A few thoughts to start us off … All attackers leave traces. Period! ☺ It is just that you don’t always know what and where And almost never know why… Logs are the place to look, first
Mitigating Risk. Automating Compliance. Confidential | Monday, June 23, 2008 2 Goals