Here’s a really good…no, I take that back…a great blog post by Sean Mason on “IR muscle memory”. Take the time to give it a read, it’ll be worth it, for no other reason than because it’s valuable advice. Incident response cannot be something that you talk about once and never actually do; it needs to be part of muscle memory. Can you detect an incident, and if so, how does your organization react? Or, if you receive an external notification of a security incident, how does your organization respond?
now browsing by tag
504 american answers attack audit blue team book books breach challenge class ctf cyber cyberattack cybersecurity denhac fbi gcih google government hack hacked hacker hackers hacking healthcare linux malware malware investigator north korea Obama penetration remediation sans sec504 security sony spoiler testing tools twitter united states update us vulnerability