Maturing towards Team-Based Incident Response

In our last blog post, we talked about how, as an organization’s security posture matures (often along with the organization itself), its strategy starts to move beyond prevention to focus on detection and response. In general, the larger or more valuable the company,...
Make Better Use of IDS Alerts for Incident Response

If your organization’s security posture is maturing beyond prevention and beginning to focus on detection, you may find yourself evaluating a host of new security technologies. Among the most attractive for many organizations are network intrusion detection systems...
Can DIY Incident Response Scale?

If you’ve ever purchased a house or vehicle, you may also, as many people do, have gone to the local hardware store to buy a starter kit of tools. You might not have been sure how often you’d use the tools, but you wanted at least to be prepared for basic repairs so...
Tailoring the Triage Process for Better Results

An incident first response is only as good as the time a responder can save. While automation can help scale the prioritization of many endpoints, as we wrote in our last blog post, it’s also important to be able to correlate all those results together. In a dynamic...
Prioritizing Endpoints Helps to Focus Incident Response

As part of a responding flyaway team, it’s probably common for you to arrive at your client’s offices, only to be pointed to a set of boxes to start analyzing. The client may tell you that they did some of their own digging around and identified the computers for you...