Cisco Blogs / Brad Garnett
Brad Garnett
Manager of Incident Response
Talos
Brad Garnett (CCE®, GCFE, GCFA, GNFA, GCTI) is a Manager with Cisco Talos Incident Response Team where he works with government entities and large organizations on a global scale in preparedness, tactical response to computer intrusions, and emerging cyber threats. Brad began his cybersecurity career, while working in law enforcement in the State of Indiana. Ten years later, he transitioned to the private sector. Brad has investigated numerous computer crimes and performed forensic analysis on a wide range of digital mediums. At Cisco, Brad has worked and lead a wide-range of global incident response engagements across many industry verticals. Brad’s vast experience, training, and education come from a blend of his law enforcement and DFIR (Digital Forensics & Incident Response) background. Brad serves on the board of directors for his local public education foundation and is a 2016 TEDx speaker. When Brad isn’t fighting evil or teaching, he enjoys his family, cons, cyber threat intelligence, running, airshows, and coaching youth football.
Articles
Compromise Assessment vs Threat Hunting
While table top exercises are always a hot commodity for our customers, proactive threat hunting and compromise assessments are becoming increasingly popular through our Cisco Incident Response Readiness & Retainer service. Whether your organization has recently gone through a merger or acquisit…
The Power of Logging in Incident Response
A deep dive into logging as an often-overlooked but powerful tool for incident detection and response
“Lack of instrumentation or insufficient logging” is often a phrase used on incident response reports. During incident response activities, this isn’t a phrase you want to see, since lack of logging…
Triage Forensics: Leveraging Digital Forensics during Incident Response
You have just been notified by a “TLA” (Three Letter Agency), a law enforcement agency, that your organization has suffered a data breach. Depending on your Threat Management Maturity level, you will either approach this methodically or ad-hoc. A TLA notification will generally involve leveraging th…