Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

DEF CON 27, Voting Village - Rahul Patel's 'Incident Lifecycle: Incident Response & Management Planning' →

January 23, 2020 by Marc Handelman in Conferences, DEF CON 27, Education, Information Security, Incident Response, Incident Management, Incident Lifecycle

Thanks to Def Con 27 Volunteers, Videographers and Presenters for publishing their superlative conference videos via their YouTube Channel for all to see, enjoy and learn.


via the respected information security capabilities of Robert M. Lee & the superb illustration talents of Jeff Hass at Little Bobby Comics.

Robert M. Lee's & Jeff Hass' Little Bobby Comics: 'The Arrogator' →

August 18, 2019 by Marc Handelman in ICS/SCADA, ICS Protocols, Information Security, Incident Management, Incident Response, Incident Handling, Sarcasm, Satire, Security Comics, Security Humor

Visit Graham Cluley’s Twitter Feed For A Well Executed Recording Of The Latest WIPRO Earnings Call And Questions Regarding The Security Failures Dubiously Answered By The Company.

Brian Krebs x Graham Cluley: The WIPRO Lassitude (or How Not To Execute Incident Response)...

April 22, 2019 by Marc Handelman in Information Security, Flawed Incident Response, Incident Handling, Incident Management, Incident Response, Must Read, Must Listen

Visit Brian Krebs' always well-researched and fact-checked information security blog, and Graham Cluley's Twitter Feed for a superb recording of the WIPRO Earnings Call (the recent victims of a pernicious cyberattack), in which bizarre answers to questions raised by Mr. Krebs were proffered by WIPRO 'Executives'. Today's Must Read and Hear.


BSides Cleveland 2018, Jamie Murdock's 'The Marriage Of Threat Intelligence And Incident Response Or... Threat Hunting For The Rest of Us' →

September 02, 2018 by Marc Handelman in BSides Cleveland, BSides, Conferences, Education, Information Security, Threat Intelligence, Incident Response, Threat Hunting

Videography Credit: Irongeek (Adrian Crenshaw).


Learn and Avoid →

November 21, 2017 by Marc Handelman in Must Read, Information Security, Cybersecurity, Incident Response, Incident Management, Incident Handling

i.e., Negative Potentiality...

Well scrivened, crafted, reasoned, and timely blog post by Andrew Cook (writing at the Delta Risk - A Chertoff Company - blog), in which impeccable advice is offered on learning and avoiding pitfalls, targeting Incident Response - i.e., Successful Incident Response. This week's Must Read.


Converge 2017, Mike Behrmann's 'New School Security Combat Mindset' →

June 12, 2017 by Marc Handelman in Conferences, Education, Information Security, Threat Intelligence, Incident Handling, Incident Response, Incident Management

BSides Nashville 2017, Joe Grey's & Ben Shipley's 'Marrying Incident Response and Threat Intel Within Your Enterprise' →

May 18, 2017 by Marc Handelman in BSides, Incident Handling, Incident Response, Information Security, Threat Intelligence

Netflix Unleashed FIDO →

May 06, 2015 by Marc Handelman in All is Information, Incident Handling, Incident Response, Information Security, Automation, SecDevOps

Via Netflix's Jason Chan comes word of an OSS automation effort targeting security related events, and actions thereon. Monikered FIDO, or more accurately 'Fully Integrated Defense Operation', the system ostensibly serves as an orchestration layer for automated response activities, in the case of security event triggers. Comprised of a well thought-out architecture of infrastructure components, an encapsulated orchestration, correlation and scoring engine coupled to a threat intelligence system... But, I'll leave the full explanation in the obviously capable hands of Netflix's Security Team; examine, if you will, FIDO at GitHub. And, because it's Open Source Software, the security community at large can reap the benefits of this superlative effort. Outstanding.


Bsides, Scott Roberts' Advanced Incident Response

February 14, 2015 by Marc Handelman in All is Information, Information Security, Incident Response