Author Archives: Koen Van Impe

How to Defend With the Courses of Action Matrix and Indicator Lifecycle Management

Posted on by

The lifecycle management of indicators is an important element to support decisions and actions against attackers. This process informs the courses of action matrix to build a response plan.

The post How to Defend With the Courses of Action Matrix and Indicator Lifecycle Management appeared first on Security Intelligence.

Continue reading How to Defend With the Courses of Action Matrix and Indicator Lifecycle Management

How Pivoting Can Help Your Incident Response Process

Posted on by

Indicators of compromise are key data points used during an incident response process. Regularly testing the reliability of your indicators can make all the difference in your IT security process.

The post How Pivoting Can Help Your Incident Response Process appeared first on Security Intelligence.

Continue reading How Pivoting Can Help Your Incident Response Process

How Can an ISAC Improve Cybersecurity and Resilience?

Posted on by

Sharing computer security information is now an established practice in IT. But pooling resources in an ISAC can provide greater insight, broader collaboration and improved overall cyber resiliency.

The post How Can an ISAC Improve Cybersecurity and Resilience? appeared first on Security Intelligence.

Continue reading How Can an ISAC Improve Cybersecurity and Resilience?

What Are the Different Types of Cyberthreat Intelligence?

Posted on by

Building a cyberthreat intelligence program can be a daunting task. However, it’s best to start small and grow continuously.

The post What Are the Different Types of Cyberthreat Intelligence? appeared first on Security Intelligence.

Continue reading What Are the Different Types of Cyberthreat Intelligence?

How to Choose the Right Malware Classification Scheme to Improve Incident Response

Posted on by

Analysts can improve and automate their incident response processes by adopting the right malware classification scheme according to specific threat management goals.

The post How to Choose the Right Malware Classification Scheme to Improve Incident Response appeared first on Security Intelligence.

Continue reading How to Choose the Right Malware Classification Scheme to Improve Incident Response

Reducing Dwell Time With Automated Incident Response

Posted on by

As the threat landscape evolves, it is increasingly important for organizations large and small to invest in automated incident response solutions to reduce dwell time and eliminate alert fatigue.

The post Reducing Dwell Time With Automated Incident Response appeared first on Security Intelligence.

Continue reading Reducing Dwell Time With Automated Incident Response

Basic Security Tools You Cannot Afford to Miss in Your Risk Management Program

Posted on by

Security professionals can leverage freely available, open source security tools to protect their environments from threats.

The post Basic Security Tools You Cannot Afford to Miss in Your Risk Management Program appeared first on Security Intelligence.

Continue reading Basic Security Tools You Cannot Afford to Miss in Your Risk Management Program

Raise the Red Flag: Guidelines for Consuming and Verifying Indicators of Compromise

Posted on by

Before sharing indicators of compromise, analysts must consider the sensitivity of the data and verify the identities of the senders and receivers.

The post Raise the Red Flag: Guidelines for Consuming and Verifying Indicators of Compromise appeared first on Security Intelligence.

Continue reading Raise the Red Flag: Guidelines for Consuming and Verifying Indicators of Compromise

Using a Free Online Malware Analysis Sandbox to Dig Into Malicious Code

Posted on by

A public malware sandbox can be a great substitute for an in-house malware analysis solution — as long as you understand its limitations.

The post Using a Free Online Malware Analysis Sandbox to Dig Into Malicious Code appeared first on Security Intelligence.

Continue reading Using a Free Online Malware Analysis Sandbox to Dig Into Malicious Code