As Chief Security Officer(CSO) at Mandiant, customers and colleagues often ask about creating or improving their computer incident response teams (CIRTs). Prior to joining Mandiant a year ago, I created and led the General Electric CIRT (GE-CIRT), starting with myself and ending with 40 analysts in early 2011. When I designed and built the CIRT, I believed it was important to secure internal and external support and recognition for our efforts. We benefited from a strong internal champion in the form of the company's Chief Information Security Officer, Grady Summers (now a Vice President with Mandiant), as well as support from our Chief Information Officer. As part of my strategy to build an external presence, I sought involvement with the Forum of Incident Response and Security Teams (FIRST). In this post I will explain why I thought FIRST was important to my CIRT.Read more...
Entries filed under 'NGFIRST'
Threat Research Blog
FireEye posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. These blog posts cover everything from exploits and vulnerabilities, to advanced malware and targeted attacks.