Lesley Carhart 
I don’t understand companies that buy a credible incident response retainer and then are terrified to activate it, even though the hours are paid for and a rate and SLA are guaranteed. When in doubt, activate your retainer! Get a fresh set of eyes! You don’t just buy the retainer for the sake of your insurer and regulator. You have specialist incident responders on call to help you and help make things better! Any legitimate company will just use the minimum required hours for the contract and situation. It isn’t a magic red button where the incident isn’t real until you press it… #infosec #DFIR
Jess@hacks4pancakes sry don't want to sound like a noob, what's a IR Retainer about? Is it a resource or software ?
NerdShinobi@fink_jess @hacks4pancakes noobs rock! One of my favorite people is such because they're always fearlessly asking questions. 😉
Experts in the making.
Experts in the making.
@NerdShinobi @hacks4pancakes I'm already about to annoy my infosec counterpart at work on Monday about it. Something I'm not yet using in our day to day incident response so keen to learn if we can borrow some ideas and concepts 