Security Incident Response Questions
Navin Rehnius
Security Engineer at a tech services company with 201-500 employees
Aug 02 2021

What is the difference between Incident Detection Response (IDR) e.g. in Rapid7 InsightIDR and Endpoint Detection and Response (EDR) in other solutions?

Thanks.

John Rendy
Hi @Navin Rehnius, the IDR focus is on the correlation of the host system…
Evgeny Belenky
IT Central Station
May 21 2021

Colonial Pipeline has confirmed it paid a $4.4m (£3.1m) ransom, according to BBC.

Earlier this month, Hugh wrote about it in this article: The Colonial Pipeline Ransomware Attack: Preventing the Next Cybercrime Disruption of Critical Infrastructure

Lessons from the Colonial Pipeline ransomware attack

Dear community, let's share your professional opinion with other peers on what lessons we can learn from this ransomware attack.

What can be done better in the future? Is it about backup and recovery tools? About EDR? 

Should the incident response be managed in a different way?

Thanks

ITSecuri7cfd
At minimum, do the basics. Patch or mitigate vulnerabilities by isolating the…
Evgeny Belenky
IT Central Station
Sep 08 2021
Trends in Security Operations Center (SOC)

Hi community,

We would like to hear your insights on the latest trends in SOC. What are you seeing in the field or forecasting? 

Please share your opinion on how these trends are going to influence the future of the relevant solutions, tools, etc. used in SOC.

Looking forward to hearing your insights,

Thanks!

John Rendy
Evgeny, my personal experience tells me that SOC will be driven by…