Incident Response

Kubernetes Incident Response: Building Your Strategy

Kubernetes is the popular container orchestration platform developed by Google to manage large-scale containerized applications. Kubernetes manages microservices applications over a distributed cluster of nodes. It is very resilient and supports scaling, rollback, zero downtime, and self-healing containers. The primary aim of Kubernetes is to mask the complexity of overseeing a large fleet of containers.

Building Out SaaS Incident Response Capabilities

Every functioning security team has an incident response plan. Advance strategizing and preparation are absolutely imperative to ensure a quick response to data breaches, ransomware, and numerous other challenges, but most companies first developed that plan years, if not decades, ago and now only revisit it periodically. This is a problem. How many organizations have developed a separate incident response plan to address the unique risks of the software-as-a-service (SaaS) era? Far too few.

CrowdStrike Services Offers Incident Response Tracker for the DFIR Community

During a recent client engagement for a tabletop exercise (TTX), it became apparent that the client did not have a methodology for tracking indicators and building an incident timeline. The CrowdStrike Services team wanted to provide more information to our client on how incidents can and should be tracked, but nothing was available in the public domain.

Arctic Wolf Cloud Detection and Response

Cloud Detection and Response protects you from key cloud threats like account and business email compromise, ransomware, suspicious resource usage, and phished credentials. Arctic Wolf's Concierge Security® Team continually reviews your cloud posture and works to harden your environment over time. The cloud has changed the way we work. Accelerate your cloud transformation and have confidence your business is secure with Arctic Wolf Cloud Detection and Response.

What Is a Cybersecurity Incident Response Plan?

Global cyberattacks increased by 29 percent in the first half of 2021 compared to 2020, and we can assume that cybercriminals and hackers won’t stop their malware and ransomware attacks any time soon. A strong cybersecurity strategy is vital to reduce losses from those attacks, and a robust incident response plan should be a part of that strategy.

Elevating What a TIP Can Be - The ThreatQ Platform

In a previous blog I reviewed the foundational use case for a TIP, which is threat intelligence management—the practice of aggregating, analyzing, enriching and de-duplicating internal and external threat data in order to understand threats to your environment and share that data with a range of systems and users. However, one of the unique benefits of the ThreatQ Platform and where organizations are deriving additional business value, is that it also allows you to address other use cases.

Arctic Wolf Cloud Detection and Response

The cloud has changed the way we work. Accelerate your cloud transformation and have confidence your business is secure–with Arctic Wolf Cloud Detection and Response. Built atop the cloud-native Arctic Wolf platform, Cloud Detection and Response allows you to experience an effective way to secure activity across both infrastructure as a service platforms–like AWS, Microsoft Azure, and Google Cloud Platform, and applications–such as Microsoft 365, Salesforce, Google Workspace, Box, and Workday.

Incident Response Plan vs. Disaster Recovery Plan

When developing business continuity plans, businesses should understand that they actually need two documents: an incident response plan and a disaster recovery plan. Having an incident response plan means your organization is prepared for possible information security incidents such as a data breach, a system outage, or a security breach.

Introducing the Definitive Guide to Ransomware Response

The ransomware racket has grown so sophisticated, even beginners can be successful at it. How’s that for a mind screw? Because the threat has reached epic proportions – so much so that the U.S. is urgently convening an international summit with the sole purpose of addressing ransomware – there is no shortage of blogs and articles about how you should approach the risk. But most simply scratch the surface. Security operations professionals require something more.

Cyber Security Incident Response Plan - How to Create One?

Cyberattack is one of the common threats that modern businesses are facing today. Despite the growing threat landscape of cybersecurity attacks, many small and medium companies that experience data breaches and threats do not have adequate preparations. This includes prevention measures before the attack and incident response plans during/after the attack.