By Joe Travaglini, Director of Products
When it comes to analyzing root cause of an incident, it’s not only a matter of finding the trigger event, but also the the sequence of events that set the stage, and sometimes even the intent. Drawing a comparison to the real world, in the case of a fire, was it some electrical malfunction, a rogue cigarette that wasn’t properly extinguished, or was it arson? In cybersecurity, making this type of assessment is the role of forensic investigations. What did the attack look like and where did it come from? Given the well documented numbers about how long a threat exists in a latent form within a network, we can certainly be doing a better job reducing Mean Time to Know.