The Importance of Automating Defensive Engagements

I personally do not believe that the investigation phase can be fully automated I think there's an human aspect that needs to happen. We try to really focus okay so we take the detection we understand what type of data is supposed to be coming back from that and then maybe set a base condition. Jared, if you wanted uh i don't know base 64 decode power shell this is how you can go about doing that or um if you want to do whatever download a file from an endpoint this is how they would go about doing it.