Triage Planning: What Can Security Teams Learn From First Responders?

Andy Rothman

This post offers a glimpse into how our Cyber Incident Response Team (CIRT) fought a flare-up in Emotet infections by taking a step back from the mass of alerts to devise a proactive strategy for automation. Our hope is that it sparks some ideas for you when something similar happens in your environment.

One Year of Atomic Red Team! Looking Back and Ahead

Casey Smith

It is crazy to think it’s been a year since we launched our Atomic Red Team project! In honor of the milestone, here’s a look back at some of our favorite memories, lessons learned, and a preview of what’s ahead.

Q&A: Visibility, Testing Critically Important for Hunting

Red Canary

MITRE’s ATT&CK™ framework is a great resource for security analysts who want a structured guide for their threat hunting efforts, and it was the focus of the second part of our ongoing webinar series, Threat Hunting with ATT&CK.

Attacking a Mac: Detecting MacOS Post-Exploitation

Frank McClain

Everyone, please take a deep breath and say it with me: “Macs are invulnerable to compromise.” Everyone knows that’s true, right? Attacking a Mac is impossible. Okay, well perhaps most of the population thinks that, but we are part of the uber-elite cyber-warriors who know better. All systems are vulnerable. Our Macs only get popped when we want them to, …

How the OODA Loop Can Help Improve Detection Speed and Accuracy

Justin Schoenfeld

Day after day, our Cyber Incident Response Team (CIRT) detects the threat vectors bad guys use to infiltrate organizations. This post will walk through a malware infection that used the Microsoft Sysinternals tool PsExec to attempt lateral movement, host reconnaissance, and network reconnaissance. We’ll show how the OODA loop method can help improve detection speed and accuracy—not only as the threat unfolded, but as our …