Entries filed under 'incident response teams'
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
March 20, 2012 6:52 PM By Richard Bejtlich
As Chief Security Officer (CSO) at Mandiant, I am often asked by customers and colleagues about creating or improving their computer incident response teams (CIRTs). Prior to joining Mandiant a year ago, I created and led the General Electric CIRT (GE-CIRT), starting with myself and ending with 40 analysts in early 2011. When I designed and built the CIRT, I believed it was important to secure internal and external support and recognition for our efforts. We benefited from a strong internal champion in the form of the company's Chief Information Security Officer, Grady Summers (now a Vice President with Mandiant), as well as support from our Chief Information Officer. As part of my strategy to build an external presence, I sought involvement with the Forum of Incident Response and Security Teams (FIRST). In this post I will explain why I thought FIRST was important to my CIRT.