Powering Up Incident Response with Power-Response

DATE:
Thursday, December 12

TIME:
10:00 am – 11:30 am

SPEAKER(S):
Andrew Schmitt
Matt Weikert

SESSION TRACK:
Keep it Safe

Threat actors and attacks are becoming more sophisticated and complex by the day. Time may be the most valuable asset that incident responders have (or maybe don’t have) during an incident, and it is imperative that we stack our tools and processes in a way that promotes time and process efficiency. This is what lead to the creation of Power-Response.

Power up your incident response capabilities with Power-Response, an open-source, PowerShell based incident response framework. Power-Response is a modular, open-source PowerShell incident response framework that allows incident responders to take advantage of robust tools in a consolidated console while conducting the incident response effort. This talk will focus on the modular capabilities and tools integrated into Power-Response and how they can be used to increase efficiency during an incident. IT and information security professionals will leave this presentation with the knowledge and tools to improve their incident response capability and the ability to scale Power-Response to fit the needs of their organization.

Learning Objectives

  1. Understand the incident response life cycle based on the SANS PICERL framework and utilize this framework to drive incident response and investigations.
  2. Utilize Power-Response to traverse the identification and containment phases of the incident response life cycle including effective scoping and intelligence development.
  3. Effectively utilize Power-Response to perform simultaneous data collection across multiple hosts using proactive incident response techniques (AKA Threat Hunting).

About GTS Educational Events

If you are a nonprofit or public sector group looking to create a conference, workshop or educational event with impact, look to GTS. We believe educational events are successful when participants learn and grow and then return to their organizations and communities to make them stronger. We look forward to continuing our work with the broad spectrum of organizations striving to make a difference for the people and communities they serve.

Steering Committee

Alex Hepp, City of Hopkins
Bill Bleckwehl, Cisco
Dave Andrews, DEED
Jay Wyant, Minnesota IT Services
Jim Hall, Ramsey County
Matt Bailey, IBM
Melissa Reeder, League of Minnesota Cities
Nathan Beran, City of New Ulm
Sue Wallace, IT Futures Foundation
Lisa Meredith, Minnesota Counties Computer Cooperative
Justin Kaufman, Minnesota IT Services
Renee Heinbuch, Washington County/MNCITLA
Jerine Rosato, Ramsey County
David Berthiaume, Minnesota IT Services
Cory Tramm, Sourcewell Tech 

Content Committee

Tomas Alvarez, Federal Reserve
Tom Ammons, MN.IT – Central
Dave Andrews, MN State Services for the Blind
Susan Bousquet, MN.IT – DOT
Robert Granvin, Metro State
Alex Hepp, City of Hopkins
Shawntan Howell, Ramsey County
Jenny Johnson, Metropolitan Council
Millicent Kasal, MN.IT – Central
Ping Li, MN.IT – MMB
Chibuzor Nnaji, MN.IT – DHS
Mehrdad Shabestari, MN.IT – Central