Post-GDPR Security Investigations
In May 2018, the General Data Protection Regulation (GDPR) went into effect and subsequently altered the way that cybersecurity analysts are able to perform their investigations. Where, previously, connections between incidents and attribution had often been tied to publicly available Whois data, there was now the word REDACTED hindering those linkages.
However, not all was lost with the implementation of GDPR and there are still numerous methods by which to conduct an incident investigation. In this report, we will identify four methods by which threat researchers can perform analysis using techniques that were not impacted by GDPR regulation, including Risk Score within DomainTools Iris platform, non-registrant based connections and attributions, OSINT-based methodologies, and information sharing.
In this white paper you will learn:
- Essential investigation methods to produce timely and relevant intelligence
- Valuable Open Source Intelligence (OSINT) resources you can leverage to defend your organization
- Real world investigations using key investigative techniques