Join us as we delve into the world of incident response with our guest expert Giorgio Peticone, a seasoned incident detection and response consultant.In this insightful podcast, we explore real-life incident scenarios, key components of a robust incident response plan, and the critical importance of team collaboration and effective communication. Learn valuable lessons from past incidents, discover how to navigate the challenges of shifting from detection to containment, and gain insights into managing stress and burnout within the incident response team.

00:00 Teaser and Introduction

06:30 Real-life experience of a security incident

09:36 Lessons learned from security incidents

12:47 Key components for building an incident response plan

16:51 Testing and validating an incident response plan

23:46 Team collaboration challenges faced during an incident

27:47 Team collaboration challenges before and after an incident has occurred

31:55 Shift from detection to containment

37:35 Challenges faced when shifting focus from detection to containment

42:00 The Most challenging phase of an incident response

44:50 Approaching a client who recently faced an incident

49:35 Role of automation in improving the efficiency of incident response

52:30 Ensuring automation does not compromise security

55:00 Role of Human Analysts in Incident Response

58:08 Managing stress and burnout after an incident response

01:02:14 Advice for upcoming incident response leaders

01:07:07 How not build a detection engineering capability in an organization?

01:09:55 Summary

01:10:50 Learning recommendation from Giorgio

ScaleToZero: https://scaletozero.com/