Alex is a dedicated Threat Intel, Response, and Detection Engineering enthusiast. He currently runs the Red Team at Barracuda Networks and helps protect their customers through XDR-powered security integrations and operations. In this role, he works with companies that are dealing with critical cyber security incidents and uses these investigations to create detections to help the SOC catch future threats.
Responding to a post-compromise cyber incident often stops after recovery; however, organizations and their associates remain the target of attacks long after suffering a breach. The impact of attacks like ransomware extends beyond the initial encryption or exfiltration, with residual threats often lingering in the shadows. In this presentation, we'll explore the critical aftermath of ransomware attacks, focusing on deep/dark web research and the integration of threat intelligence for effective post-recovery considerations.