Incident Response

Discussion List

• 
  WeChat.exe Showing Up As Malware? Thoughts?

  egrizzly 39 views 1 comment 0 points Most recent by JDMurray May 12
• 
  Thoughts on Tines - codeless SOAR tool

  egrizzly 31 views 3 comments 0 points Most recent by JDMurray April 16
• 
  Who Has Installed CrowdStrike? Question on "Medium" Severity Detections

  egrizzly 41 views 1 comment 0 points Most recent by JDMurray April 12
• 
  Who Has Installed and Used CrowdStrike Falcon?

  egrizzly 21 views 0 comments 0 points Started by egrizzly April 11
• 
  SPLUNK ES vs SPLUNK

  egrizzly 101 views 3 comments 0 points Most recent by JDMurray March 8
• 
  Best Solution For Controlling New Application Install In Custom Software Environments

  egrizzly 11 views 0 comments 0 points Started by egrizzly December 2022
• 
  Chrome.exe Alerts

  egrizzly 50 views 3 comments 0 points Most recent by JDMurray September 2022
• 
  Community Support For CrowdStrike

  egrizzly 45 views 2 comments 0 points Most recent by egrizzly August 2022
• 
  Typical EDR Reports Created For Management

  egrizzly 104 views 5 comments 0 points Most recent by chrisone August 2022
• 
  Migrating From CylancePROTECT to an EDR solution (e.g. Crowdstrike or Carbon Black)

  egrizzly 41 views 3 comments 0 points Most recent by egrizzly July 2022
• 
  2022 Verizon Data Breach Investigations Report (DBIR)

  JDMurray 76 views 0 comments 2 points Started by JDMurray May 2022
• 
  Review of SOC Core Skills training by Antisyphon InfoSec

  JDMurray 1.2K views 4 comments 3 points Most recent by chrisone April 2022
• 
  elearnsecurity labs for THP and IHRP

  mohamed194 238 views 9 comments 0 points Most recent by chrisone July 2021
• 
  Sony Entertainment Pictures 2014

  aesso 31 views 0 comments 1 point Started by aesso May 2021
• 
  Whitlisting Files vs Safelisting Users: Which is Best Practice and Why?

  egrizzly 43 views 7 comments 0 points Most recent by UnixGuy May 2021
• 
  OneNote vs Sharepoint. Which Is Easiest For Creating Playbook?

  egrizzly 52 views 5 comments 0 points Most recent by JDMurray March 2021
• 
  Interview Question: How Would You Move Through KillChain? How Would You Defend It?

  egrizzly 613 views 2 comments 0 points Most recent by egrizzly March 2021
• 
  Azure Sentinel use cases

  E Double U 97 views 1 comment 0 points Most recent by chrisone March 2021
• 
  Incident Response Frameworks

  egrizzly 73 views 0 comments 0 points Started by egrizzly March 2021
• 
  SPLUNK Enterprise Security: What's The Best Online Resource To Learn Implementation/Configuration?

  egrizzly 133 views 9 comments 0 points Most recent by egrizzly February 2021
• 
  Defanging IP Addresses 10[.]10.10.1

  egrizzly 203 views 11 comments 0 points Most recent by yoba222 January 2021
• 
  SolarWinds incident response: Live demo from the trenches

  Infosec_Sam 51 views 0 comments 1 point Started by Infosec_Sam December 2020
• 
  Use of open-source software for the IR needs

  Answered ✓ Info_Sec_Wannabe 102 views 5 comments 0 points Most recent by stryder144 December 2020
• 
  IPS Security Incident Response Process

  cjthedj45 649 views 3 comments 0 points Most recent by egrizzly December 2020
• 
  Incident Response Business?

  Cyberscum 747 views 16 comments 0 points Most recent by egrizzly December 2020
• 
  Any Reason Not To Block Malicious IPs?

  egrizzly 209 views 11 comments 0 points Most recent by LonerVamp June 2020
• 
  How Can You Tell If A SQL Injection Attack Is Successful

  egrizzly 1.3K views 11 comments 0 points Most recent by JDMurray May 2020
• 
  SIEM Alerting on Successful Logins From Outside Domains

  egrizzly 82 views 1 comment 0 points Most recent by si20 May 2020
• 
  Incident Response/Incident Management

  ps.89 163 views 4 comments 0 points Most recent by ps.89 May 2019
• 
  Incident Response tips

  MitM 538 views 18 comments 0 points Most recent by MitM September 2018