by Christa Miller | Jan 27, 2016 | Blog
An incident first response is only as good as the time a responder can save. While automation can help scale the prioritization of many endpoints, as we wrote in our last blog post, it’s also important to be able to correlate all those results together. In a dynamic...
by Brian Carrier | Nov 12, 2015 | Blog
Detecting an incident means one of two things. You have to see either a known problem — such as high-risk malware infecting one or more client endpoints — or something that is suspicious. But how do you know if suspicious activity is good or bad unless you...
by Brian Carrier | Feb 24, 2015 | Blog
Like other services, effective Computer Security Incident Response Teams (CSIRTs) are tiered. The First Responder on a CSIRT is much like the EMT who assess the situation and either deals with it themselves or brings the case to more specialized teams. In this blog...
