How organisations can effectively manage, detect and respond to a data breach?

Guest article by Andy Pearch, Head of IA Services at CORVID

78% of businesses cite cyber security as a high priority for their organisation’s senior management. Whilst it is encouraging that this figure has risen year on year, generating awarene…

Brian Krebs x Graham Cluley: The Wipro Lassitude or How Not To Execute Incident Response…

Visit Graham Cluley’s Twitter Feed for a Superb Recording of the Latest WIPRO Earnings Call and Questions Dubiously Answered.
Visit Brian Krebs’ always well-researched and fact-checked information security blog, and Graham Cluley’s Twitter Feed …

SOAR: The Second Arm of Security Operations

SIEM tools can help security operations center (SOC) teams detect threats, but what good is threat data without the context analysts need to quickly respond to incidents? That’s where SOAR comes in.

The post SOAR: The Second Arm of Security Operations appeared first on Security Intelligence.

When It Comes to Incident Response, Failing to Plan Means Planning to Fail

In today’s treacherous threat landscape, it seems the odds are overwhelmingly stacked against cyberdefenders. But there is one advantage attackers can’t take away: thorough incident response planning.

The post When It Comes to Incident Response, Failing to Plan Means Planning to Fail appeared first on Security Intelligence.

5 Characteristics of an Effective Incident Response Team: Lessons From the Front Line

How you respond to a data breach matters. What qualities do the most elite incident response teams possess? The IBM X-Force IRIS team shares its lessons from the front line.

The post 5 Characteristics of an Effective Incident Response Team: Lessons From the Front Line appeared first on Security Intelligence.

Calling Into Question the CVSS

X-Force Red believes vulnerabilities should be ranked based on the importance of the exposed asset and whether the vulnerability is being weaponized by criminals, not necessarily its CVSS score.

The post Calling Into Question the CVSS appeared first on Security Intelligence.

Maximize Your Security Operations Center Efficiency With Incident Response Orchestration

Incident response orchestration and automation can help boost the accuracy and efficiency of IR processes and reduce the burden on the understaffed SOC.

The post Maximize Your Security Operations Center Efficiency With Incident Response Orchestration appeared first on Security Intelligence.

“Hunting with OSSEC” at BruCON Spring Training

My training submission has been accepted at the BruCON Spring Training session in April 2019. This training is intended for Blue Team members and system/security engineers who would like to take advantage of the OSSEC integration capabilities with other tools and increase the visibility of their infrastructure behaviour. OSSEC is sometimes described as

[The post “Hunting with OSSEC” at BruCON Spring Training has been first published on /dev/random]

[SANS ISC] Querying DShield from Cortex

I published the following diary on isc.sans.edu: “Querying DShield from Cortex”: Cortex is a tool that is part of the TheHive project. As stated on the website, it is a “Powerful Observable Analysis Engine”. Cortex can analyze observables like IP addresses, emails, hashes and filenames against a huge (and growing) list of online services.

[The post [SANS ISC] Querying DShield from Cortex has been first published on /dev/random]

Trusting Security Metrics: How Well Do We Know What We Think We Know?

When it comes to security metrics, greater accuracy yields greater value, but complete context requires a diversity of insights. What if you can’t have both?

The post Trusting Security Metrics: How Well Do We Know What We Think We Know? appeared first on Security Intelligence.