Life of an Incident

The security industry focuses a great deal on defense, detection and investigation of advanced threats. Once an attacker is on your network, it's imperative to have a formal and repeatable plan to quickly get them back out! This talk explores how Google performs incident management and remediation at scale, adapting the techniques of disaster management professionals and modern open source tools to achieve lightning-fast, efficient response cycles and push the envelope in the field of Incident Response.

Pasquale Stirparo is currently working as Incident Manager at Google. Prior to this, he worked as part of the Digital Forensics, Incident Response and Threat Intelligence teams in the Financial sector, the Joint Research Centre (JRC) of European Commission and at consulting firms. In 2016 he was appointed at the Advisory Group on Internet Security at the European Cyber Crime Center (EC3) of Europol and he is currently Incident Handler with the SANS Internet Storm Center (ISC). Pasquale has also been involved in the development of the Digital Forensics standard “ISO/IEC 27037: Guidelines for identification, collection and/or acquisition and preservation of digital evidence”, for which he led the WG ISO27037 for the Italian National Body in 2010.

Pasquale holds a Ph.D. in Computer Security from the Royal Institute of Technology (KTH) of Stockholm and a M.Sc. in Computer Engineering from Polytechnic of Torino, and is certified GCFA, GREM, OPST, OWSE, ECCE. He is also the co-author of the book “Learning iOS Forensics” edited by PacktPub, awarded as "Best Forensics Book of the Year 2015" by Forensics 4:cast Awards.


This seminar is co-hosted with the Oxford University's CDT in Cyber Security.