Articles on Incident Response

• Incident Response Network DDoS Incident Response Cheat Sheet
  DDoS response requires preparation before attacks occur: establish ISP contacts, create allowlists of critical source IPs, lower DNS TTLs, and document infrastructure. During attacks, analyze traffic...
• Incident Response 9 Convenient Lies in Information Security
  Common security claims are often oversimplifications: encryption alone doesn't secure data, compliance doesn't address all necessary controls, security seals reflect limited scans, background checks...
• Malware 5 Events in 2011 That Challenged Online Security and Trust Assumptions
• Tools Design Information Security With Failure in Mind
  Security controls will eventually fail despite best intentions—design architecture to detect suspicious activities early and limit incident scope when breaches occur. Like boats engineered to stay...
• Malware Analysis Process Monitor Filters for Malware Analysis and Forensics
  Process Monitor captures enormous amounts of data that can overwhelm analysts. Custom filters help by hiding boring entries or highlighting interesting events. Downloadable filter sets look for...
• Incident Response How to Get into Digital Forensics or Security Incident Response
  Employers rarely invest in growing beginner forensics analysts, so individuals must build relevant skills within current roles. System admins can learn incident investigation tools, network admins...