Being in the IR space, I’ve essentially given up my end of year holidays for the past 5+ years. Adversaries don’t work 9-5 Monday through Friday, and they most definitely know that US companies tend … Continue reading
There is a lot of great advice out there in the Information Security space on how to secure your network, be it either through prevention, detection or response techniques- and there is also a lot … Continue reading
In high school I used to compete as a swimmer and my favorite event was the 50yd freestyle. I trained an average of 4 hours per day (2hrs in the AM, and 2hrs in the … Continue reading
I’ve had the fortune of visiting a good number of SOCs (including building some) and meeting with a number of leaders in the SOC/IR space over the years- and the better teams will tell you … Continue reading
While I think most information security professionals understand that you can’t fully secure a network, this doesn’t stop many of them from dispensing advice or operating under philosophies that I consider to be ineffective or simply … Continue reading
Over the years I’ve seen a disturbing trend, where there must be a school where vendors and information security professionals are taught to invoke fear into business leaders by claiming that an incident will have … Continue reading
Having led a number of Incident Response Teams focused around APTs for the last couple of years, I’ve seen my fair share of interesting things. APT incidents are, by nature, going to be a much … Continue reading
At a recent conference I had the chance to meet with many security leaders of various companies and in most cases it was a continuation of a trend that has plagued the information security field for … Continue reading
Follow