InfoSec Insights

Information Security thoughts from years on the front lines dealing with advanced attackers.

Proactive Hunting for Adversaries (A Hunting We Will Go)

Being in the IR space, I’ve essentially given up my end of year holidays for the past 5+ years. Adversaries don’t work 9-5 Monday through Friday, and they most definitely know that US companies tend … Continue reading →

Posted on December 9, 2014 by Sean Mason · 4 Comments

Leveraging the Kill Chain for Awesome

There is a lot of great advice out there in the Information Security space on how to secure your network, be it either through prevention, detection or response techniques - and there is also a lot … Continue reading →

Posted on December 2, 2014 by Sean Mason · Leave a comment

Embedding Incident Response into the DNA of the Organization

In high school I used to compete as a swimmer and my favorite event was the 50yd freestyle. I trained an average of 4 hours per day (2hrs in the AM, and 2hrs in the … Continue reading →

Posted on October 1, 2014 by Sean Mason · 1 Comment

Objectifying Cyber Intel Indicators

I’ve had the fortune of visiting a good number of SOCs (including building some) and meeting with a number of leaders in the SOC/IR space over the years - and the better teams will tell you … Continue reading →

Posted on August 25, 2014 by Sean Mason · 4 Comments

Top 10 Information Security Mistruths – IR Perspective

While I think most information security professionals understand that you can’t fully secure a network, this doesn’t stop many of them from dispensing advice or operating under philosophies that I consider to be ineffective or simply … Continue reading →

Posted on August 11, 2014 by Sean Mason

Impact on Company Stock following Data Breaches

Over the years I’ve seen a disturbing trend, where there must be a school where vendors and information security professionals are taught to invoke fear into business leaders by claiming that an incident will have … Continue reading →

Posted on July 21, 2014 by Sean Mason · 3 Comments

Incident Response Metrics

Having led a number of Incident Response Teams focused around APTs for the last couple of years, I’ve seen my fair share of interesting things. APT incidents are, by nature, going to be a much … Continue reading →

Posted on July 14, 2014 by Sean Mason

Priority Dilemma: Prevention vs. Response

At a recent conference I had the chance to meet with many security leaders of various companies and in most cases it was a continuation of a trend that has plagued the information security field for … Continue reading →

Posted on June 29, 2014 by Sean Mason