Recon InfoSec | Operations

Planning for the Worst: Making IR, BC, and DR Plans Work

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Macie Thompson

Organizations know they should have plans for cyber incidents, but too often those plans are...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Ben Webb

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Watson Brown

In today’s rapidly evolving cyber threat landscape, proactive defense is no longer optional—it’s...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eric Capuano

In July, Eric & Whitney gave a talk titled "Breaches Be Crazy" at the SANS DFIR Summit outlining...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Andrew Cook

Whether your cybersecurity detection and response capabilities are in-house or managed through a...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eric Capuano

Now that we've normalized and enriched our events, let's get into the actual threat detection logic...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eric Capuano

In my previous post, I explained the fundamental purpose and use cases of pipelines in Graylog –...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eric Capuano

If you are here hoping to learn more about using Graylog for the purpose of monitoring the security...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Brian Greunke

Much has already been said about the recently reported SolarWinds compromise. In this post, we are...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

Our team are huge fans of Velociraptor. It's an incredibly powerful tool, for both DFIR and...