Why Are They Asking Me to Do This? or Adventures in IR Land

Explore the world of Linux security and incident response in this 27-minute conference talk from linux.conf.au 2022. Delve into the increasing threat landscape for Linux systems, as highlighted by the X-Force Threat Intelligence Index 2021. Learn about the rise of new Linux malware families and how threat actors are expanding their focus beyond Windows systems. Discover the essential steps of an Incident Response (IR) process, including preparation, detection analysis, and containment. Gain insights into why incident responders request specific artifacts during an investigation. Understand the importance of lessons learned in improving future security measures. Whether you're a system administrator, security professional, or Linux enthusiast, gain valuable knowledge to better protect your systems and respond effectively to potential security incidents.

Introduction
About me
Agenda
Security Incident
Security Incident Diagram
Preparation
Detection Analysis
Containment
Lessons Learned