It’s long since been established that it’s not if a breach will occur in your enterprise, it’s when. Are you prepared for that response? As Dave Kennedy, CEO of TrustedSec once asked a Brrcon audience, “If all you had was Sysmon, could you still do a successful IR?” Best practices are only best if you actually practice them. Along with Robert Wagner, Staff Security Specialist at Splunk, we’ll talk about ways to get your teams to their fighting weight when the bad guys sneak in through the basement.