Filter By:

Recent Blogs & Podcasts

Insights

\ Incident Response & Recovery 



July 17, 2017 | Incident Response Planning
By Marcus Ranum, IANS Faculty

 Best Practices for Dynamic Business Unit Isolation

When malware strikes, many companies rush to isolate their critical business units from potentially infected corporate resources, but what are the best ways to go about this? In this Ask-an-Expert live interaction, IANS Faculty Marcus Ranum suggests scaling the separation level to match the threat, and pre-positioning key tools to ease after-separation monitoring and response.

Read More »


June 14, 2017 | IT Forensics
By Bill Dean, IANS Faculty

 Use the Right Process – and Tools – to Investigate Potentially Compromised Machines

Getting a secure process in place to remotely investigate potentially compromised devices - one that can't be used as a pivot point for further attack - is tricky. In this Ask-an-Expert written response, IANS Faculty Bill Dean validates a client's current process but also recommends installing a temporary forensics agent to improve the analysis.

Read More »


May 23, 2017 | Incident Response Planning
By Ondrej Krehel, IANS Faculty

 Negotiate a Winning Incident Response Retainer

The digital forensics and incident response (IR) market is a dynamic place with a growing number of vendors creating a wide variety of offerings and pricing models. In this report, IANS Faculty Ondrej Krehel details the three types of incident response retainers and offers key considerations for organizations deciding which would best suit their requirements and objectives. 

Read More »


May 22, 2017 | Malware and Advanced Threats
By Dave Kennedy, IANS Faculty

 Dave Kennedy on WannaCry and the Future of Ransomware Attacks

IANS Faculty Dave Kennedy, president and CEO of TrustedSec and frequent guest on major news networks such as CNN and Fox, stops by the IANS studio to review the latest details surrounding the WannaCry attack and offer tips for thwarting future attacks, from disabling SMB-1 to implementing application whitelisting.

Read More »


May 10, 2017 | Incident Investigations, Handling and Tracking
By Ken Van Wyk, IANS Faculty

 Van Wyk: Targeted Attacks Require Much Deeper Analysis

In the world of information security, intentions matter greatly, but they’re only a starting point. Apart from simple intentions, though, is the matter of whether or not an attack is targeted. In fact, when we can establish whether an attack is targeted, we often come to a vital decision point in an incident response operation. A targeted attack can change everything.

Read More »