Earlier this spring Robert Westervelt wrote a story about a panel he attended at the InfoSec World Conference and Expo. The session featured three security pundits who, according to Mr. Westervelt, chided the audience for focusing on compliance, buying appliances, and automating security processes. Instead, the trio recommended identifying core company assets, hiring and training talented people, and analyzing logs to identify intruders. While delivering their message, they apparently offended a decent number of attendees. I read several accounts of the event and these points seem core to what happened at the panel.Read more...
Entries filed under 'incident response team'
Threat Research Blog
FireEye posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. These blog posts cover everything from exploits and vulnerabilities, to advanced malware and targeted attacks.