How do you perform incident response on systems in your environment at scale or when the system that needs to be analyzed is in a geographically different location than your analysts? What if you need to do this and have no real budget to work with to use commercial tools? The answer is Google Rapid Response (Google GRR). In this Blue Team Edition Episode of Tradecraft Security Weekly we (@0xderuke & @dafthack) demonstrate retrieving a potentially weaponized spreadsheet from a remote computer system using GRR. LINKS

[audio src=""]