Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

via the respected information security capabilities of Robert M. Lee & the superb illustration talents of Jeff Hass at Little Bobby Comics.

Robert M. Lee's & Jeff Hass' Little Bobby Comics: 'The Arrogator' →

August 18, 2019 by Marc Handelman in ICS/SCADA, ICS Protocols, Information Security, Incident Management, Incident Response, Incident Handling, Sarcasm, Satire, Security Comics, Security Humor
August 18, 2019 /Marc Handelman
ICS/SCADA, ICS Protocols, Information Security, Incident Management, Incident Response, Incident Handling, Sarcasm, Satire, Security Comics, Security Humor

Visit Graham Cluley’s Twitter Feed For A Well Executed Recording Of The Latest WIPRO Earnings Call And Questions Regarding The Security Failures Dubiously Answered By The Company.

Brian Krebs x Graham Cluley: The WIPRO Lassitude (or How Not To Execute Incident Response)...

April 22, 2019 by Marc Handelman in Information Security, Flawed Incident Response, Incident Handling, Incident Management, Incident Response, Must Read, Must Listen

Visit Brian Krebs' always well-researched and fact checked information security blog, and Graham Cluley's Twitter Feed for a superb recording of the WIPRO Earnings Call (the recent victims of a pernicous cyberattack), in which, bizarre answers to questions raised by Mr. Krebs were proffered by WIPRO 'Executives'. Todays' Must Read and Hear.

April 22, 2019 /Marc Handelman
Information Security, Flawed Incident Response, Incident Handling, Incident Management, Incident Response, Must Read, Must Listen

Learn and Avoid →

November 21, 2017 by Marc Handelman in Must Read, Information Security, Cybersecurity, Incident Response, Incident Management, Incident Handling

i.e., Negative Potentiality...

Well scrivened, crafted, reasoned, and timely blog post by Andrew Cook (writing at the Delta Risk - A Chertoff Company - blog). In which, impeccable advice is offered, on learning and avoiding pitfalls, targeting Incident Response - i.e., Successful Incident Response. This weeks' Must Read.

November 21, 2017 /Marc Handelman
Must Read, Information Security, Cybersecurity, Incident Response, Incident Management, Incident Handling

Converge 2017, Mike Behrmann's 'New School Security Combat Mindset' →

June 12, 2017 by Marc Handelman in Conferences, Education, Information Security, Threat Intelligence, Incident Handling, Incident Response, Incident Management
June 12, 2017 /Marc Handelman
Conferences, Education, Information Security, Threat Intelligence, Incident Handling, Incident Response, Incident Management

BSides Nashville 2017, Joe Grey's & Ben Shipley's 'Marrying Incident Response and Threat Intel Within Your Enterprise' →

May 18, 2017 by Marc Handelman in BSides, Incident Handling, Incident Response, Information Security, Threat Intelligence
May 18, 2017 /Marc Handelman
BSides, Incident Handling, Incident Response, Information Security, Threat Intelligence

Whom Done It →

January 01, 2017 by Marc Handelman in All is Information, Alternate Attack Analysis, Control Systems, Critical Thinking, Cybersecurity Competence, Defense, Electrical Engineering, Electronic Warfare, Incident Handling, Information Security, Espionage, Cybersecurity

In what wraps up to be a superbly crafted screed penned by Glenn Greenwald, laboring at The Intercept; in which, the Good Mr. Greewald details the perceived falsehoods swirling about the alleged Russian Intelligence Services hacks of the Burlington Vermont electrical generation utility. Today's Must Read.

January 01, 2017 /Marc Handelman
All is Information, Alternate Attack Analysis, Control Systems, Critical Thinking, Cybersecurity Competence, Defense, Electrical Engineering, Electronic Warfare, Incident Handling, Information Security, Espionage, Cybersecurity
Netflix (1).png

NetFlix Unleashed FIDO →

May 06, 2015 by Marc Handelman in All is Information, Incident Handling, Incident Response, Information Security, Automation, SecDevOps

via Netflix's Jason Chan, comes word of a OSS automation effort targeting security related events, and actions thereo. Monikered FIDO or more accurately 'Fully Integrated Defense Operation' the system ostensibly serves as an orchestration layer for automated response activities, in the case of security event triggers. Comprised of a well thought-out architecture of infrastructure components, an encapsulated orchestration, correlation and scoring engine coupled to a threat intelligence system... But, I'll leave the full explanation in the obviously capable hands of Netflix's Security Team; examine. if you will, FIDO at GitHub. And, because it's Open Source Software, the security community at large can reap the benefits of this superalitve effort. Outstanding.

May 06, 2015 /Marc Handelman
All is Information, Incident Handling, Incident Response, Information Security, Automation, SecDevOps

Best Practices for Integrating Incident Handling and Disaster Recovery →

April 30, 2015 by Marc Handelman in All is Information, Disaster Recovery, Incident Handling, Information Security
April 30, 2015 /Marc Handelman
All is Information, Disaster Recovery, Incident Handling, Information Security