In this episode, we take a look at how Verve Reporting, and in particular its ability to search and filter logs, can be useful for high-level forensic investigation. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Dustin Gogue (Technical Account Manager), Andrew Wintermyer (Team Lead, Device & Integration Research) and Zach Woltjer (ICS Security Specialist) as they dive into how Verve Reporting helped identify user account management and authentication issues.
Key Takeaways
Timestamps
00:00 – Introduction and sound check
00:27 – Welcome to Season Two of OT After Hours
00:37 – Guest introductions: Dustin, Andrew & Zach
01:30 – Quick overview of what logs are
02:19 – Why logs are important to digital forensics
04:43 – Dustin steps through the process of investigating an influx of logs and discovering key issues
12:50 – Identifying an improperly off-boarded user account within the authentication logging data
13:30 – The complexities of user off-boarding in OT environments
16:32 – Zach on incorporating user account privileges and user employment status into risk calculations
24:15 – Value of the Verve Reporting platform and roundtable discussion
32:33 – Outro and thank-yous
Guest Information