Digital Forensics, Incident Response and Root-Cause Analysis have many tools in common. Digital Forensics and Incident Response have different procedures.
If “prevention eventually fails,” I suggest fast, precise, thorough detection & response — which is what tends to happen in the real world.
— Richard Bejtlich (@taosecurity) May 29, 2013
And this, ladies and gentlemen, is what we need to be teaching our security students, instead of all this GRC bullshit.