Avatar

Brandon Enright

Information Security Investigator

Cisco's Computer Security Incident Response Team (CSIRT)

Brandon Enright is an Information Security Investigator with Cisco's Computer Security Incident Response Team (CSIRT) where he works on incident detection, data correlation techniques, and investigates attacks. Brandon has authored or co-authored papers on a wide variety of security topics including cryptography, botnet architecture, and the economics and efficacy of modern spam botnets.

Outside of security, Brandon is interested in computationally hard problems related to the fields of combinatorics, group-theory, and permutation puzzles.

Articles

November 1, 2013

SECURITY

Using a “Playbook” Model to Organize Your Information Security Monitoring Strategy

7 min read

CSIRT, I have a project for you. We have a big network and we’re definitely getting hacked constantly. Your group needs to develop and implement security monitoring to get our malware and hacking problem under control.   If you’ve been a security engineer for more than a few years, no doubt you’ve received a directive […]