{"id":5936,"date":"2021-01-25T08:22:49","date_gmt":"2021-01-25T16:22:49","guid":{"rendered":"https:\/\/blogs.infoblox.com\/?p=5936"},"modified":"2021-01-26T10:15:33","modified_gmt":"2021-01-26T18:15:33","slug":"hackno-recap-accelerating-incident-response","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/security\/hackno-recap-accelerating-incident-response\/","title":{"rendered":"Hack, No! Recap: Accelerating Incident Response"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">Recently, five InfoSec leaders joined Hack, No! for a panel discussion titled \u201c<\/span><b><i>Accelerating Incident Response: What Can Automated Visibility and Threat Context Do For You<\/i><\/b><span style=\"font-weight: 400;\">?\u201d. The discussion covered<\/span><span style=\"font-weight: 400;\"> the role of DDI and DNS security in incident response. The highly experienced\u00a0 panelists included Matt Bromley from the SANS Institute, Jonathan <\/span><span style=\"font-weight: 400;\">Couch, SVP <\/span><span style=\"font-weight: 400;\">Strategy from ThreatQuotient, Chris Burch, CISO and Director Cybersecurity from EagleView and Srikrupa Srivatsan, Director of Product Marketing from Infoblox. Cricket Liu, Chief DNS Officer at Infoblox moderated the discussion.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Setting the context for the discussion, Matt began the event by laying out SANS\u2019s 6-step incident response process; Preparation, Identification, Containment, Eradication, Recovery and Lessons learned. He noted that organizations are most likely to spend significant time resources at certain steps of the process, repeating each step in a closed loop, but getting better with each response. The challenge for organizations is understanding which factors help\u00a0 them to successfully implement this incident response process.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cricket and Jonathan highlighted the foundational role that DNS plays in this process since it lies at the center of identification and containment. As Jonathan noted, 95% of malware attacks can be traced using DNS logging and monitoring of DNS traffic, making DNS the source of truth when it comes to understanding the nature of threats.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">DHCP and IPAM also allow InfoSec professionals to dig deeper into attacks and gather intel on compromised assets and the extent of damage. As Srikrupa explained, \u201cDHCP fingerprint gives information on the type of devic<\/span><span style=\"font-weight: 400;\">e tha<\/span><span style=\"font-weight: 400;\">t is compromised<\/span><span style=\"font-weight: 400;\">. Wh<\/span><span style=\"font-weight: 400;\">ereas IPAM metadata delivers additional network information, and can tell you which part of the network the compromised end host<\/span><span style=\"font-weight: 400;\"> is. T<\/span><span style=\"font-weight: 400;\">his means that when we combine the intel from DNS, DHCP and IPAM (collectively known as DDI) &#8211; we can get crucial forensic information from the \u201ccrime scene\u201d that tells us the extent of damage, which assets are compromised and how the attack was orchestrated, all of which is crucial for SecOps teams to be able to prioritize incident response.\u201d<\/span><\/p>\n<p><span style=\"font-weight: 400;\">A robust incident response process heavily depends on threat intelligence acquired by the organization, which cannot be done in absence of comprehensive integrations with internal and external platforms. Jonathan explained how this works: \u201c The threat intelligence platform consolidates the external threat intelligence, internal threat intelligence record and daily network data and stores it in a centralized location to leverage these as needed. Here integrations with case management systems, SIEMs, hunting tools, vulnerability management system and DDI is crucial for free flow of data. The end goal is for everybody connecting to this ecosystem to have the same situational awareness as well as incident knowledge, whether or not they were directly targeted. So while a threat intelligence platform consolidates threat intelligence from different organizations and sources, it also helps scope the extent of threat damage and identify the attack correctly.&#8220;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The panel also discussed how this process plays out in supply chain attacks, like the SolarWinds attack, which wiped out $3 billion worth of corporate assets. Supply chain attacks are specifically designed to leverage an active entry vector via third party vendors and attack the system. Today, the real question for organizations is to quickly determine whether or not they have also been compromised.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The recent supply chain attacks were also focused on a particular user group or business type, meaning that not all who downloaded the malware were impacted. Organizations increasingly <\/span><span style=\"font-weight: 400;\">adopting to S<\/span><span style=\"font-weight: 400;\">aaS platforms and third parties and need to understand the risk of exposures to the external platforms that they are leveraging.<\/span><span style=\"font-weight: 400;\">\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Infoblox customer and EagleView CISO Chris Burch discussed some best practice measures such <\/span><span style=\"font-weight: 400;\">as <\/span><span style=\"font-weight: 400;\">ve<\/span><span style=\"font-weight: 400;\">tting their vendors\u2019 security measures and risk management , implementing Know Your Vendor policies, diversifying the tech stack, checking security scores with third party audits and paying attention to good security hygiene. He also elaborated on <\/span><span style=\"font-weight: 400;\">how his company deployed BloxOne<\/span><span style=\"font-weight: 400;\">TM<\/span><span style=\"font-weight: 400;\"> Threat Defense to modernize their remote network security posture and mitigate cybersecurity threats.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">When an adversary is as sophisticated as the one that conducted the SolarWind supply chain attacks, the only layer of security that organizations can count on is a solid incident response process. This is where listening to the DNS data and IPAM metadata can help organizations quickly get back on their feet and identify vulnerabilities that need to be patched to prevent future attacks.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Ultimately, however, the panel agreed that if an organization finds itself under attack, a six-step incident response plan backed by DDI is the best wa<\/span><span style=\"font-weight: 400;\">y to trigg<\/span><span style=\"font-weight: 400;\">er immediate responses, share threat intelligence, automate incident response and keep damage to a minimum.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Interested in listening to the complete discussion? You can tune in <\/span><a href=\"https:\/\/info.infoblox.com\/resources-webinars-accelerating-ir-what-automated-visibility-and-threat-context-can-do\"><span style=\"font-weight: 400;\">here<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Recently, five InfoSec leaders joined Hack, No! for a panel discussion titled \u201cAccelerating Incident Response: What Can Automated Visibility and Threat Context Do For You?\u201d. The discussion covered the role of DDI and DNS security in incident response. The highly experienced\u00a0 panelists included Matt Bromley from the SANS Institute, Jonathan Couch, SVP Strategy from ThreatQuotient, [&hellip;]<\/p>\n","protected":false},"author":227,"featured_media":5937,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[2],"tags":[228,28,424,425,30,426],"class_list":{"0":"post-5936","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-security","8":"tag-bloxone-threat-defense","9":"tag-ddi","10":"tag-hack-no","11":"tag-cricket-liu","12":"tag-dns","13":"tag-sans","14":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Hack!No Recap: Accelerating Incident Response | Infoblox<\/title>\n<meta name=\"description\" content=\"Recently, five InfoSec leaders joined Hack!No for a panel discussion titled \u201cAccelerating Incident Response: What Can Automated Visibility and Threat Context Do For You?\u201d. The discussion covered the role of DDI and DNS security in incident response. The highly experienced panelists included Matt Bromley from the SANS Institute, Jonathan Couch SVP Strategy from ThreatQuotient, Chris Burch, CISO and Director Cybersecurity from EagleView and Srikrupa Srivatsan, Director of Product Marketing from Infoblox. Cricket Liu, Chief DNS Officer at Infoblox moderated the discussion.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/security\/hackno-recap-accelerating-incident-response\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hack, No! Recap: Accelerating Incident Response\" \/>\n<meta property=\"og:description\" content=\"Recently, five InfoSec leaders joined Hack!No for a panel discussion titled \u201cAccelerating Incident Response: What Can Automated Visibility and Threat Context Do For You?\u201d. The discussion covered the role of DDI and DNS security in incident response. The highly experienced panelists included Matt Bromley from the SANS Institute, Jonathan Couch SVP Strategy from ThreatQuotient, Chris Burch, CISO and Director Cybersecurity from EagleView and Srikrupa Srivatsan, Director of Product Marketing from Infoblox. Cricket Liu, Chief DNS Officer at Infoblox moderated the discussion.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/security\/hackno-recap-accelerating-incident-response\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2021-01-25T16:22:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-01-26T18:15:33+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/hack-no-2021.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"514\" \/>\n\t<meta property=\"og:image:height\" content=\"374\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Krupa Srivatsan\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Krupa Srivatsan\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/hackno-recap-accelerating-incident-response\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/hackno-recap-accelerating-incident-response\\\/\"},\"author\":{\"name\":\"Krupa Srivatsan\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/3cd3a5f9e497b09854c3bc168f9365d5\"},\"headline\":\"Hack, No! Recap: Accelerating Incident Response\",\"datePublished\":\"2021-01-25T16:22:49+00:00\",\"dateModified\":\"2021-01-26T18:15:33+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/hackno-recap-accelerating-incident-response\\\/\"},\"wordCount\":783,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/hackno-recap-accelerating-incident-response\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/hack-no-2021.jpg\",\"keywords\":[\"BloxOne\u00ae Threat Defense\",\"DDI\",\"Hack No\",\"Cricket Liu\",\"DNS\",\"SANS\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/hackno-recap-accelerating-incident-response\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/hackno-recap-accelerating-incident-response\\\/\",\"name\":\"Hack!No Recap: Accelerating Incident Response | Infoblox\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/hackno-recap-accelerating-incident-response\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/hackno-recap-accelerating-incident-response\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/hack-no-2021.jpg\",\"datePublished\":\"2021-01-25T16:22:49+00:00\",\"dateModified\":\"2021-01-26T18:15:33+00:00\",\"description\":\"Recently, five InfoSec leaders joined Hack!No for a panel discussion titled \u201cAccelerating Incident Response: What Can Automated Visibility and Threat Context Do For You?\u201d. The discussion covered the role of DDI and DNS security in incident response. The highly experienced panelists included Matt Bromley from the SANS Institute, Jonathan Couch SVP Strategy from ThreatQuotient, Chris Burch, CISO and Director Cybersecurity from EagleView and Srikrupa Srivatsan, Director of Product Marketing from Infoblox. Cricket Liu, Chief DNS Officer at Infoblox moderated the discussion.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/hackno-recap-accelerating-incident-response\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/hackno-recap-accelerating-incident-response\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/hackno-recap-accelerating-incident-response\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/hack-no-2021.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/hack-no-2021.jpg\",\"width\":514,\"height\":374},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/hackno-recap-accelerating-incident-response\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Hack, No! Recap: Accelerating Incident Response\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/3cd3a5f9e497b09854c3bc168f9365d5\",\"name\":\"Krupa Srivatsan\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/live-infoblox-blog.pantheonsite.io\\\/wp-content\\\/uploads\\\/avatar_user_227_1571768571-96x96.jpg\",\"url\":\"https:\\\/\\\/live-infoblox-blog.pantheonsite.io\\\/wp-content\\\/uploads\\\/avatar_user_227_1571768571-96x96.jpg\",\"contentUrl\":\"https:\\\/\\\/live-infoblox-blog.pantheonsite.io\\\/wp-content\\\/uploads\\\/avatar_user_227_1571768571-96x96.jpg\",\"caption\":\"Krupa Srivatsan\"},\"description\":\"Krupa is Senior Director of Product Marketing at Infoblox. She has 18 years of experience in technology in various roles including software development, product management and product marketing. Currently, she is responsible for messaging, positioning and bringing to market Infoblox\u2019s security solutions that ease security operations and provide DNS based security. She has an MBA from University of California, Haas School of Business and a Computer Science Engineering degree.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/krupa-srivatsan\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Hack!No Recap: Accelerating Incident Response | Infoblox","description":"Recently, five InfoSec leaders joined Hack!No for a panel discussion titled \u201cAccelerating Incident Response: What Can Automated Visibility and Threat Context Do For You?\u201d. The discussion covered the role of DDI and DNS security in incident response. The highly experienced panelists included Matt Bromley from the SANS Institute, Jonathan Couch SVP Strategy from ThreatQuotient, Chris Burch, CISO and Director Cybersecurity from EagleView and Srikrupa Srivatsan, Director of Product Marketing from Infoblox. Cricket Liu, Chief DNS Officer at Infoblox moderated the discussion.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/security\/hackno-recap-accelerating-incident-response\/","og_locale":"en_US","og_type":"article","og_title":"Hack, No! Recap: Accelerating Incident Response","og_description":"Recently, five InfoSec leaders joined Hack!No for a panel discussion titled \u201cAccelerating Incident Response: What Can Automated Visibility and Threat Context Do For You?\u201d. The discussion covered the role of DDI and DNS security in incident response. The highly experienced panelists included Matt Bromley from the SANS Institute, Jonathan Couch SVP Strategy from ThreatQuotient, Chris Burch, CISO and Director Cybersecurity from EagleView and Srikrupa Srivatsan, Director of Product Marketing from Infoblox. Cricket Liu, Chief DNS Officer at Infoblox moderated the discussion.","og_url":"https:\/\/www.infoblox.com\/blog\/security\/hackno-recap-accelerating-incident-response\/","og_site_name":"Infoblox Blog","article_published_time":"2021-01-25T16:22:49+00:00","article_modified_time":"2021-01-26T18:15:33+00:00","og_image":[{"width":514,"height":374,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/hack-no-2021.jpg","type":"image\/jpeg"}],"author":"Krupa Srivatsan","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Krupa Srivatsan","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/security\/hackno-recap-accelerating-incident-response\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/hackno-recap-accelerating-incident-response\/"},"author":{"name":"Krupa Srivatsan","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/3cd3a5f9e497b09854c3bc168f9365d5"},"headline":"Hack, No! Recap: Accelerating Incident Response","datePublished":"2021-01-25T16:22:49+00:00","dateModified":"2021-01-26T18:15:33+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/hackno-recap-accelerating-incident-response\/"},"wordCount":783,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/hackno-recap-accelerating-incident-response\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/hack-no-2021.jpg","keywords":["BloxOne\u00ae Threat Defense","DDI","Hack No","Cricket Liu","DNS","SANS"],"articleSection":["Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/security\/hackno-recap-accelerating-incident-response\/","url":"https:\/\/www.infoblox.com\/blog\/security\/hackno-recap-accelerating-incident-response\/","name":"Hack!No Recap: Accelerating Incident Response | Infoblox","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/hackno-recap-accelerating-incident-response\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/hackno-recap-accelerating-incident-response\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/hack-no-2021.jpg","datePublished":"2021-01-25T16:22:49+00:00","dateModified":"2021-01-26T18:15:33+00:00","description":"Recently, five InfoSec leaders joined Hack!No for a panel discussion titled \u201cAccelerating Incident Response: What Can Automated Visibility and Threat Context Do For You?\u201d. The discussion covered the role of DDI and DNS security in incident response. The highly experienced panelists included Matt Bromley from the SANS Institute, Jonathan Couch SVP Strategy from ThreatQuotient, Chris Burch, CISO and Director Cybersecurity from EagleView and Srikrupa Srivatsan, Director of Product Marketing from Infoblox. Cricket Liu, Chief DNS Officer at Infoblox moderated the discussion.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/hackno-recap-accelerating-incident-response\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/security\/hackno-recap-accelerating-incident-response\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/security\/hackno-recap-accelerating-incident-response\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/hack-no-2021.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/hack-no-2021.jpg","width":514,"height":374},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/security\/hackno-recap-accelerating-incident-response\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.infoblox.com\/blog\/category\/security\/"},{"@type":"ListItem","position":3,"name":"Hack, No! Recap: Accelerating Incident Response"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/3cd3a5f9e497b09854c3bc168f9365d5","name":"Krupa Srivatsan","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/avatar_user_227_1571768571-96x96.jpg","url":"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/avatar_user_227_1571768571-96x96.jpg","contentUrl":"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/avatar_user_227_1571768571-96x96.jpg","caption":"Krupa Srivatsan"},"description":"Krupa is Senior Director of Product Marketing at Infoblox. She has 18 years of experience in technology in various roles including software development, product management and product marketing. Currently, she is responsible for messaging, positioning and bringing to market Infoblox\u2019s security solutions that ease security operations and provide DNS based security. She has an MBA from University of California, Haas School of Business and a Computer Science Engineering degree.","url":"https:\/\/www.infoblox.com\/blog\/author\/krupa-srivatsan\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5936","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/227"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=5936"}],"version-history":[{"count":4,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5936\/revisions"}],"predecessor-version":[{"id":5941,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5936\/revisions\/5941"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/5937"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=5936"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=5936"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=5936"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}