Collaborate Disseminate
SIEM (pronounced like “sim” from “simulation”), which stands for Security Information and Event Management, was conceived of as primarily a log aggregation device. However, a SIEM’s primary capabilities are to provide threat detection, better enable in… Continue reading WHAT IS A SIEM, AND WHY SHOULD YOU HAVE ONE?
When I was younger, and printed newspapers were a more common household purchase, I remember fondly watching my mother play a game called “Spot the Ball.” For those of you not familiar with this, it consisted of a photograph of a recent football (socce… Continue reading Spot the Ball & Security Detection Games
Confidence isn’t new when it comes to cybersecurity. All the way back in 2015, for example, 86% of security professionals working in the energy sector told Tripwire that they were confident they could detect a breach in a week. Just less than half (49%… Continue reading Survey: Nearly Half of Manufacturers Suffered a Digital Attack in the Last Year
Data breaches are costing organizations millions of dollars on average. In its 2020 Cost of a Data Breach Report, IBM found that a data breach cost the average organization $3.86 million. This price tag was even greater for organizations located in the… Continue reading What Is a Security Operations Center (SOC)?
A relatively recent post showed how Metasploit’s Meterpreter module made some noise on endpoints when the migrate command was used to move the agent code into a legitimate process, spoolsv.exe in our example.
One of the things we saw in that post was … Continue reading Hunting injected processes by the modules they keep
During the past year, we have witnessed significant data breaches that have impacted industries ranging from hospitality to legal to social media. We have seen a continuation of financially motivated threats, such as business email compromise (BEC), wh… Continue reading SANS 2019 Incident Response Survey: Successful IR Relies on Visibility
If you want to become a digital forensic expert, be aware that when entering the field, you will be presented with an abundance of information that you will not know. It is a wonderfully challenging career path. Some believe that having the title of a … Continue reading How to Get Started in Digital Forensics
Managing security incidents can be a stressful job. You are dealing with many questions all at once. What’s the scope? Who do I need to engage? How do I manage all of this? As an Incident Commander (IC), you have many responsibilities. You’… Continue reading Crisis Management Automation for the Entire Organization with Dispatch – BSidesSF Preview
One of the only things that is constant in life is change. It’s the same with cybersecurity. There are different types of changes to consider. Changes that we accept Changes that are good Changes that are bad A lot of changes in our everyday life… Continue reading Change Is Inevitable: Tripwire File Analyzer
On Thursday 6th December, 2018, I realized how dependent I was on my mobile phone having an internet connection. That particular day, I was out and about away from Wi-Fi networks. The first time I noticed I had no connectivity was when I used my phone … Continue reading All I Want for Christmas… Is a New SSL Certificate