August 2021

sumologic

Flexible Incident Response playbooks for any situation

One of the major buzzwords when talking about cyber incident response is playbooks, advanced workflows with specific actions tailored to deal with and respond to cyber incidents. Over the past few security conferences, I have noticed something of a trend emerging that centers on the uncertainty and hesitance that some incident response teams have regarding the use of playbooks and, in particular, around the notion of automation in incident response.

ThreatQuotient

Anatomy of a Supply Chain Attack: How to Accelerate Incident Response and Threat Hunting

In recent months, we’ve seen a sharp rise in software supply chain attacks that infect legitimate applications to distribute malware to users. SolarWinds, Codecov and Kesaya have all been victims of such attacks that went on to impact thousands of downstream businesses around the globe. Within minutes of these high-profile attacks making headline news, CEOs often ask: “Should we be concerned? How is it impacting us? What can we do to mitigate risk?” .

SANSFire: An Alert Has Fired. Now what?

While the security industry spends a lot of time and energy getting more and/or better alerts, comparatively little investment has gone into helping analysts operationalize and contextualize those alerts. This webcast will discuss how a solid foundation of network telemetry can enable not only high-velocity, high-confidence processing of alerts of all stripes, but also a host of other critical security applications, from fundamentals like asset management to advanced techniques like proactive threat hunting. Real-world examples and code will be used throughout the talk, along with practical considerations for operating in an enterprise environment.
devo

What is Digital Forensics? Defining Digital Forensics and Incident Response

According to Research and Markets, the worldwide digital forensics market will expand at a compound annual growth rate of 13% through 2026. The rise of cybercrime is most certainly driving its growth — especially since digital forensics plays a critical role in mitigating cyberthreats in the modern security operations center (SOC).

tripwire

Using Threat Modeling to Boost Your Incident Response Strategy

Threat modeling is increasing in importance as a way to plan security in advance. Instead of merely reacting to threats and incidents, an organization can identify and evaluate its security posture, relevant threats, and gaps in defenses that may allow attacks to succeed. Threat modeling has a two-way relationship with incident response.

logsign

What is an Incident Response Plan and How to Create One?

Regardless of size, every company could experience a cybersecurity incident one day. Security incidents can occur in companies, public institutions, schools, etc. Cybersecurity incident actions are similar to actions to be taken in response to a security incident, for example in a school. It is an inevitable reality that your network may be exposed to an incident threat.