As Chief Security Officer (CSO) at Mandiant, customers and colleagues often ask about creating or improving their computer incident response teams (CIRTs). Prior to joining Mandiant a year ago, I created and led the General Electric CIRT (GE-CIRT), starting with myself and ending with 40 analysts in early 2011. When I designed and built the CIRT, I believed it was important to secure internal and external support and recognition for our efforts. We benefited from a strong internal champion in the form of the company's Chief Information Security Officer, Grady Summers (now a Vice President with Mandiant), as well as support from our Chief Information Officer. As part of my strategy to build an external presence, I sought involvement with the Forum of Incident Response and Security Teams (FIRST). In this post I will explain why I thought FIRST was important to my CIRT.