Articles on Incident Response
- Incident Response Making Sense of Digital Forensics and Incident Response Disciplines Digital forensics encompasses examining artifacts in databases, memory, network traffic, and mobile devices beyond traditional hard drive analysis. Incident response complements forensics with...
- Malware Why I Make Fun of Advanced Persistent Threat (APT)
- Malware Market Segmentation in Computer Attacks Computer attackers segment victims by organization size (focused enterprise targets vs. mass-scale SMBs), geography (paying more for North American infections), and industry. Defenders need to...
- Incident Response How Much Should an Information Security Book Cost?
- Risk Management Could Regulatory Compliance Encourage Weaker Security? Compliance replaces social norms with market exchanges—companies see fines as a "price" rather than feeling obligated to protect data. Like day care parents who arrived late more often after fines...
- Malware Analysis 3 Tools to Scan the File System With Custom Malware Signatures Traditional antivirus tools don't allow custom signatures, but ClamAV, YARA, and Vscan let incident responders scan file systems for indicators of compromise without waiting for vendor updates. YARA...