Thu, 27 Oct 2022 00:00:00 +0000
In September, ICANN invited me to talk about DNS Abuse at the ICANN75 AGM in Kuala Lumpur, Malaysia. It was a great success! My presentation ‘The Challenge of Defining DNS Abuse’ was well received, and many attending industry specialists asked good questions, especially about FIRST's work. I made many valuable connections, including people from ICANN, the DNS Abuse Institute, registries, registrars, CERTs, commercial companies, government organizations, and many more.
Fri, 05 Aug 2022 00:00:00 +0000
The European Union Agency for Cybersecurity is dedicated to achieving a high common level of cybersecurity across Europe.
For more than 15 years, ENISA has played a key role in enabling digital trust and security across Europe, together with its stakeholders including the Member States and EU bodies and agencies.
Fri, 29 Jul 2022 00:00:00 +0000
With the recent release of the 2022 Unit 42 Ransomware Threat Report, we thought it would be a good time to take a quick look at ransomware activity that we’ve seen so far in 2022.
Fri, 22 Jul 2022 00:00:00 +0000
Just a few years ago, security orchestration, automation and response (SOAR) was the new buzzword associated with security modernization.
Today, however, SOAR platforms are increasingly assuming a legacy look and feel. Although SOARs still have their place in a modern SecOps strategy, the key to driving SecOps forward today is no-code security automation.
Read on to learn what lightweight security automation means, how it compares to SOAR and why SOARs alone won’t help you stay ahead of today’s security threats.
Fri, 15 Jul 2022 00:00:00 +0000
I want the needle, and the haystack to go along with it. Attackers take advantage of siloed data and security tools to exploit systems using misconfigurations and move laterally. This lateral movement across different attack surfaces has attackers flowing between the control plane and data plane of your environment to escalate privileges and seek out targeted access.
Thu, 19 May 2022 13:00:00 +0000
DNS Abuse is a pretty widely used term. On the surface, it might seem like a simple term that's easily understood. But when you look more closely, the definition depends on your perception of the issue—and can be defined both broadly, or more narrowly.
Thu, 28 Apr 2022 01:00:00 +0000
I had the absolute pleasure of participating in and attending the recent FIRST Technical Colloquium at the W Hotel in Amsterdam, Netherlands, April 12–14. It was great to see nearly 100 people attend and over 50 people participating in training at this long-awaited in-person event. The program featured 17 speakers and two on-site trainers who held several popular workshops.
Thu, 24 Feb 2022 16:00:00 +0000
FIRST encourages states to not attack CSIRTs and critical infrastructure
Wed, 05 Jan 2022 00:00:00 +0000
Every incident response team globally is facing a serious increase of workload. As attackers scan and penetrate networks via automation, so must defenders look