incident response

September 9, 2016

SECURITY

Ransomware: The race you don’t want to lose

4 min read

In the race to detect and contain ransomware on their networks, many organizations fail before they are out of the gate. The reason has very little to do with technology and a great deal to do with process. “But we bought all the good tools!” such organizations protest. Good security technologies implemented and […]

August 9, 2016

SECURITY

The Haves & Have Nots: Threat Management Maturity

2 min read

IT departments regularly ask us questions about their security posture, their security concerns, and specifically, the makeup of their Threat Management (TM) organizations. Generally speaking, Threat Management includes anything in the Intel-Detection-Response arena, encompassing Security Operations Centers, Intelligence Organizations, and Incident Response Teams. When it comes to the makeup of their TM organizations, companies […]

August 3, 2016

SECURITY

A “quick” guide to QUIC

3 min read

Intelligence Gathering 101: Traffic analysis is rapidly becoming critical for threat analysis and incident response teams, and a choke point on their capability to be effective. Performing analysis on incoming threats requires security professionals to have monitoring tools that can give them an understanding of the information coming into and going out of their environment. This understanding […]

July 6, 2016

SECURITY

NetFlow AND PCAP (not or)

2 min read

As digital transformation sweeps across the world, there is a driving need for more effective logging and data recording for incident response. In today’s IT world, your agency’s Computer Incident Response Team (CIRT) must have the capability to quickly determine the source and scope of an attack on its network in order to effectively mitigate […]

June 9, 2016

SECURITY

Detection in Depth

2 min read

Defense in depth is a well understood and widely implemented approach that can better secure your organization’s network. It works by placing multiple layers of defense throughout the network to create a series of overlapping and redundant defenses. If one layer fails, there will still be other defenses that remain intact. However, a lesser known […]

June 6, 2016

SECURITY

Incident Response Goes to Hollywood

2 min read

Having personally spent a lot of time at Fortune 500s, I know that individuals tend to develop blinders when dedicated to an organization, and begin to accept that things are done a certain way, and there is an order about things. It may come as a surprise then, when others don’t do things the way […]

February 16, 2016

SECURITY

Protecting Data Globally: A Modern Mandate

2 min read

Data is the currency of the knowledge economy. This makes it a highly valuable commodity – for organizations and cybercriminals alike. As threats to data security mount, organizations must find...

October 26, 2015

SECURITY

Calling all Incident Responders

1 min read

We are happy to announce the final schedule for IRespondCon, a conference that is specifically designed for incident responders. IRespondCon is held annually at OpenDNS HQ and offers a day of free training, presentations, and networking with some of the top information security engineers, instructors, and fellow responders. They’ll be showing how to use freely […]

April 23, 2015

SECURITY

Best Practices: Device Hardening and Recommendations

2 min read

On April 13th, 2015, Cisco PSIRT was made aware of multiple instances of customer disruption in a specific region caused by a denial of service attack against Cisco devices. We responded quickly to support speedy restoration for our customers. Our ongoing investigation has shown that the storage of some Cisco devices was erased, removing both […]