Blue Teaming & Data Intelligence

The clock is always ticking for a blue team on an active incident. While they benefit from more context than ever before, data intelligence such as knowing what data was involved and accessed has been missing, causing precious time to burn off the clock when you need it most. How could data intelligence improve blue team operations during incidents and beyond? In this episode, Dave explores this question with Doug Clendening, Principal Services Consultant, who prior to Open Raven led response to client data breaches at CrowdStrike and matured blue team operations at Splunk.