Office 365 Incident Response

Alex Parsons

As adoption for Office 365 increases, so will security incidents that involve Office 365. Despite the high adoption rates across industries, most companies still lack the ability to enforce proper security controls and they also lack the knowledge to respond to incidents quickly and effectively.

In this talk, we will focus on attacker patterns in O365 environments, how to collect the data you need during an incident, and how to respond to common requests and questions, especially during phishing related cases. We will also look into some of the advanced security features Office 365 has to offer and when it would make sense to invest in them.

Speakers Bio: Alex Parsons is an Incident Response Consultant in Stroz Friedberg’s Seattle, Washington, office. Mr. Parsons is responsible for providing immediate response for network and data breach incidents. Mr. Parsons is also responsible for providing forensic acquisitions and examinations of laptops, desktops, servers, and smartphones in civil litigations, criminal matters, and internal investigations. Prior to joining Stroz Friedberg, Mr. Parsons was a Forensic Researcher at the Leahy Center for Digital Investigation (LCDI) where he wrote and published the world's first Windows 10 forensic paper.

Mr. Parsons obtained a Bachelor of Science in Computer Networking & Information Security with a specialization in Cyber Security and a Minor in Digital Forensics from Champlain College in Burlington, VT. Since graduation Mr. Parsons has received a Global Certified Forensic Examiner (GCFE) certification as well as a Global Certified Incident Handler (GCIH) certification from the SANS Institute.