Reducing Dwell Time With Automated Incident Response

As the threat landscape evolves, it is increasingly important for organizations large and small to invest in automated incident response solutions to reduce dwell time and eliminate alert fatigue.

The post Reducing Dwell Time With Automated Incident Response appeared first on Security Intelligence.

[SANS ISC] Extending Hunting Capabilities in Your Network

I published the following diary on isc.sans.org: “Extending Hunting Capabilities in Your Network”: Today’s diary is an extension to the one I posted yesterday about hunting for malicious files crossing your network. Searching for new IOCs is nice but there are risks of missing important pieces of information! Indeed, the first

[The post [SANS ISC] Extending Hunting Capabilities in Your Network has been first published on /dev/random]

[SANS ISC] Automatic Hunting for Malicious Files Crossing your Network

I published the following diary on isc.sans.org: “Automatic Hunting for Malicious Files Crossing your Network”: If classic security controls remain mandatory (antivirus, IDS, etc.), it is always useful to increase your capacity to detect suspicious activities occurring in your networks. Here is a quick recipe that I’m using to detect

[The post [SANS ISC] Automatic Hunting for Malicious Files Crossing your Network has been first published on /dev/random]

Implementing O&A: Why Intelligence Is the Key to Strategic Orchestration

By implementing orchestration and automation (O&A), security leaders can deliver the real-time threat intelligence their understaffed analyst teams need to punch above their weight.

The post Implementing O&A: Why Intelligence Is the Key to Strategic Orchestration appeared first on Security Intelligence.

The Art of Disclosing Your Incident Response Strategy to the Public

As data breaches gain public attention, vulnerability disclosure becomes an increasingly crucial part of the incident response process.

The post The Art of Disclosing Your Incident Response Strategy to the Public appeared first on Security Intelligence.

[SANS ISC] Comment your Packet Captures!

I published the following diary on isc.sans.org: “Comment your Packet Captures!”: When you are investigating a security incident, a key element is to take notes and to document as much as possible. There is no “best” way to take notes; some people use electronic solutions while others are using good

[The post [SANS ISC] Comment your Packet Captures! has been first published on /dev/random]

Don’t Get Scared — Get Back in Operation With the Right Incident Response Strategy

For incident response teams, resuming normal operations in the wake of a cyberattack is the name of the game. However, lack of preparation and poor communication can impede recovery efforts.

The post Don’t Get Scared — Get Back in Operation With the Right Incident Response Strategy appeared first on Security Intelligence.

The Enterprise Imperative: Five Tips for Improving Incident Response

According to IBM’s Christopher Scott, who spoke at The Wall Street Journal’s Pro Cybersecurity Executive Forum, the road to better incident response is “a marathon, not a sprint.”

The post The Enterprise Imperative: Five Tips for Improving Incident Response appeared first on Security Intelligence.

Basic Security Tools You Cannot Afford to Miss in Your Risk Management Program

Security professionals can leverage freely available, open source security tools to protect their environments from threats.

The post Basic Security Tools You Cannot Afford to Miss in Your Risk Management Program appeared first on Security Intelligence.
