Lightweight Forensics With Verve Reporting

27/06/2025 33 min Season 2 Episode 5

Episode Synopsis

In this episode, we take a look at how Verve Reporting, and in particular its ability to search and filter logs, can be useful for high-level forensic investigation. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Dustin Gogue (Technical Account Manager), Andrew Wintermyer (Team Lead, Device & Integration Research) and Zach Woltjer (ICS Security Specialist) as they dive into how Verve Reporting helped identify user account management and authentication issues.

Key Takeaways

Proper user account hygiene (especially timely user off-boarding) is a key component of a robust security strategy.
Maintaining named user accounts for key personnel is important for non-repudiation during investigations.
OT software is sometimes installed in a way that binds its services or application authentication to a particular user account, which can present a challenge when and if that user needs to be off-boarded.
The ability to collect, filter, and search event logs quickly and easily is a key component of forensic and incident investigation.

Timestamps

00:00 – Introduction and sound check
00:27 – Welcome to Season Two of OT After Hours
00:37 – Guest introductions: Dustin, Andrew & Zach
01:30 – Quick overview of what logs are
02:19 – Why logs are important to digital forensics
04:43 – Dustin steps through the process of investigating an influx of logs and discovering key issues
12:50 – Identifying an improperly off-boarded user account within the authentication logging data
13:30 – The complexities of user off-boarding in OT environments
16:32 – Zach on incorporating user account privileges and user employment status into risk calculations
24:15 – Value of the Verve Reporting platform and roundtable discussion
32:33 – Outro and thank yous

Guest Information

Dustin Gogue: Technical Account Manager at Verve Industrial
Andrew Wintermyer: Device & Integration Research Team Lead at Verve Industrial
Zach Woltjer: ICS Security Specialist at Verve Industrial