Articles on Incident Response

• Malware Why I Make Fun of Advanced Persistent Threat (APT)
• Malware Market Segmentation in Computer Attacks
  Computer attackers segment victims by organization size (focused enterprise targets vs. mass-scale SMBs), geography (paying more for North American infections), and industry. Defenders need to...
• Incident Response How Much Should an Information Security Book Cost?
• Risk Management Could Regulatory Compliance Encourage Weaker Security?
  Compliance replaces social norms with market exchanges—companies see fines as a "price" rather than feeling obligated to protect data. Like day care parents who arrived late more often after fines...
• Malware Analysis 3 Tools to Scan the File System With Custom Malware Signatures
  Traditional antivirus tools don't allow custom signatures, but ClamAV, YARA, and Vscan let incident responders scan file systems for indicators of compromise without waiting for vendor updates. YARA...
• Incident Response Initial Security Incident Questionnaire for Responders
  This cheat sheet helps incident handlers assess situations by asking the right questions: understanding background (how detected, security posture), defining communication parameters (coordinator,...