%term

The 443 Episode 219 - CISA Incident Response Learnings

Nov 28, 2022 By WatchGuard In WatchGuard

On today's episode we cover a pair of alerts from the Cybersecurity Infrastructure and Security Agency (CISA), one detailing the tools, tactics and procedures from a prolific ransomware organization and another walking through a recent incident response engagement CISA completed with a federal agency. Before that though, we learn about what happens when you use a software component that hasn't received updates in 17 years.

View Video

WatchGuard

Read more about The 443 Episode 219 - CISA Incident Response Learnings

Three Tips for Creating Better Response and Recovery Plans

Nov 22, 2022 By Sedara In Sedara

Response and recovery plans are crucial to reduce the severity and time of security incidents. But many organizations aren’t sure where to start in building their plans. Here are three tips for building a better recovery plan. Subscribe to our channel to get more useful content to help you protect your organization.

View Video

Sedara

Read more about Three Tips for Creating Better Response and Recovery Plans

How Automation Playbooks Double Down on the Value of SOARs

Nov 18, 2022 By Chris Tozzi In Torq

So you’ve set up a Security Orchestration, Automation and Response (SOAR) platform. You’re now ready to detect, respond to and remediate whichever threats cyberspace throws at you, right? Well, not necessarily. In order to deliver their maximum value, SOAR tools should be combined with playbooks, which can be used to drive SOAR systems and ensure that SOARs remediate threats as quickly as possible — in some cases, without even waiting on humans to respond.

Read Post

Torq

Read more about How Automation Playbooks Double Down on the Value of SOARs

Micro Lesson: Create Custom Playbooks in Cloud SOAR

Nov 10, 2022 By Sumo Logic In Sumo Logic

Learn how to automate the incident response cycle with a custom playbook in Sumo Logic Cloud SOAR.

View Video

Sumo Logic

Read more about Micro Lesson: Create Custom Playbooks in Cloud SOAR

Business Continuity, Disaster Recovery, and Security Incident Response Plan - Sedara Whiteboard

Nov 9, 2022 By Sedara In Sedara

Incident response is a structured process organizations use to identify and deal with cybersecurity incidents. Response includes several stages, including preparation for incidents, detection and analysis of a security incident, containment, eradication, and full recovery, and post-incident analysis and learning. What are some tips for making effective plans? Watch this episode of Sedara's Whiteboard Series to find out.

View Video

Sedara

Read more about Business Continuity, Disaster Recovery, and Security Incident Response Plan - Sedara Whiteboard

Network Detection and Incident Response with Open Source Tools

Nov 2, 2022 By Corelight In Corelight

When conducting incident response, EDR and firewall technologies can only show you so much. The breadth of network traffic provides an unrivalled source of evidence and visibility. Open-source security technologies such as Zeek, Suricata, and Elastic can deliver powerful network detection and response capabilities, furthermore the global communities behind these tools can also serve as a force multiplier for security teams, often accelerating response times to zero-day exploits via community-driven intel sharing.

View Video

Corelight

Read more about Network Detection and Incident Response with Open Source Tools

How to Create an Incident Response Procedure

Nov 2, 2022 By Cybriant In Cybriant

In the event of a data breach or security incident, having a well-defined incident response procedure can help contain the damage and minimize the risk of future incidents.

Read Post

Cybriant

Read more about How to Create an Incident Response Procedure

Centralized Log Management for Incident Response

Oct 27, 2022 By Graylog Security In Graylog

Today’s reality is that you’ll never be 100% secure. Remote work and digital transformation add more access points, devices, and applications than ever before. At the same time, your team is constantly responding to alerts that could be an incident. Although, most often, it’s not. Basically, you need to reduce the mean time to investigate (MTTI) and the mean time to respond (MTTR).

Read Post

Graylog

Read more about Centralized Log Management for Incident Response

Rubrik + Microsoft Sentinel: Get a head start in the race against ransomware

Oct 17, 2022 By Rubrik In Rubrik

According to Statistica, the average response time to a ransomware attack is 20 days. 20 days where your customers can’t order your product, 20 days where your end-users are unable to access important information - 20 days of incurred downtime for your organization resulting in massive profit losses and reputation damage. I think it goes without saying, time is of the essence during a ransomware attack.

Read Post

Rubrik

Read more about Rubrik + Microsoft Sentinel: Get a head start in the race against ransomware

Security Basics: Incident Response and Automation

Oct 11, 2022 By Kelsey Jones In Torq

Incident response is one of the most challenging tasks that IT teams face. It's challenging not just because it typically involves many stakeholders and moving pieces, but also because teams usually face pressure to respond as quickly as possible. That's why investing in incident response automation is a wise choice. Although it may not be possible to automate every aspect of every incident response workflow, being able to automate at least the major elements of incident response will yield incident management processes that are faster, more reliable, and more consistent.Keep reading to learn about the components of incident response and which incident response activities to start automating.

Read Post