Incident Response
Evolving cyberattacks, alert fatigue creating DFIR burnout, regulatory risk
Digital forensics and incident response teams face increasing workloads amid evolving cyberattacks, recruiting and hiring challenges, and a lack of effective automation.
Plan now to avoid a communications failure after a cyberattack
CISOs should take the lead to develop a post-cyberattack communications plan that accurately informs stakeholders and instills confidence in their organizations' response.
Will your incident response team fight or freeze when a cyberattack hits?
CISOs train their teams to fight hackers but often overlook the human tendency to freeze up during a crisis. Planning for the psychology of incident response can help prevent a team from seizing up at the wrong moment.
ServiceNow to detect open source security vulnerabilities with Snyk integration
ServiceNow Vulnerability Response users will now have access to Snyk’s product that scans open source code during the development process.
MTTR “not a viable metric” for complex software system reliability and security
Verica Open Incident Database Report suggests mean time to resolve should be retired and replaced with other metrics more appropriate for software systems and networks.
EU Council adopts NIS2 directive to harmonize cybersecurity across member states
The NIS2 directive replaces NIS as EU Council seeks to improve resilience and incident response capacities in the EU.
CISA launches incident, ransomware reporting rulemaking RFI
The U.S. Cybersecurity and Infrastructure Security Agency seeks input on a common set of cybersecurity incident reporting regulations.
Palo Alto debuts Unit 42 team for managed detection and response
Live expert service builds on Palo Alto’s Cortex extended detection and response (XDR) platform, offering a managed detection and response (MDR) team for more personalized cybersecurity management and incident response.
Best practices for recovering a Microsoft network after an incident
Follow this advice to minimize stress when recovering credentials, systems and settings after a ransomware or other cyberattack.
Sophos unifies threat analysis and response units into X-Ops team
Cybersecurity vendor Sophos reorganized three prominent organizational teams into a single new entity, for more efficient responses to modern threats.
How to conduct a tabletop exercise
Testing your security policies and procedures in real-life scenarios can help you improve your security posture—if you implement the lessons learned.
New Flashpoint offering automates incident response workflows
Low-code platform enables security teams to build security workflows with drop-and-drag ease.
How Code42 automates insider risk response
When insiders exhibit risky behaviors, good-natured bots reach out to provide support in this CSO50 award-winning project.
5 things security pros want from XDR platforms
New research shows that while extended detection and response (XDR) remains a nebulous topic, security pros know what they want from an XDR platform.
Cybereason launches DFIR solution to automate incident response
Vendor says new solution takes forensic-driven approach to incident response that extends deeper value to defenders.
Ransomware, endpoint risks are top concerns for DFIR professionals
Digital forensics incident responders worry most about ransomware, but risks associated with remote work are also top of mind.
ServiceNow adds new features to Major Security Incident Management Workspace
New features allow users to add their own report templates and to format and configure reports based on requirements in the MSIM platform, which is designed to help teams track and resolve critical security incidents.
New Magnet Forensics app automates, coordinates cybersecurity response
Magnet's new application, Automate Enterprise, is designed to speed up investigation and response to cybersecurity incidents by automating basic and repetitive manual tasks, and integrating detection and post-incident tools including...