Automating Incident Response: Setting the Stage

Overview Many companies want to improve their incident response capabilities and make them more effecient. Automation is often touted as way to improve the response times, but what does automation (or orchestration) mean in DFIR?  Can the entire process be...
Prioritizing Endpoints Helps to Focus Incident Response

Prioritizing Endpoints Helps to Focus Incident Response

As part of a responding flyaway team, it’s probably common for you to arrive at your client’s offices, only to be pointed to a set of boxes to start analyzing. The client may tell you that they did some of their own digging around and identified the computers for you...