by Charles Herring | Oct 30, 2017 | blog, InfoSec Craft, InfoSec How-To, Inside WitFoo
One of the areas we research heavily at WitFoo is how to reduce the number of investigations our customers have to perform each day. Internally, we call this the “n” problem. Another area of focus is how to reduce the amount of time our customers spend on...
by Reese Zomar | Sep 15, 2017 | blog, InfoSec Craft, InfoSec How-To, Inside WitFoo
In a previous entry, I spoke about the difference between a mature craft (like aviation) and information security, or the latest sexy title “Cybersecurity”. Reflecting on what I just said… the mere fact that the name of this discipline keeps changing is indicative of...
by William Ritch | Jan 4, 2017 | blog, InfoSec Business, InfoSec Craft, InfoSec How-To, Law Enforcement
RELEVANCE BETWEEN TWO CRAFTS
Detective work requires the correct mind-set, which is proactive and forward looking. Because of this, detectives are unique within a craft that is primarily reactive in nature; crime occurs, cops arrive. When a suspect commits a murder,...
by Charles Herring | Aug 28, 2016 | blog, InfoSec How-To
When I was leading the Network Security Group at the US Naval Postgraduate School, I was overwhelmed with the degree of failure we experienced. The number of events, complexity of investigations and immature security infrastructure created an environment of perpetual...
by Charles Herring | Aug 27, 2016 | blog, InfoSec How-To
A core tenet of success in any endeavor is defining, collecting and analyzing core metrics. Incident Response teams can only develop plans that lead to success when it can be defined and metered. Understanding and collecting two key metrics can aid in defining,...