Understanding Indicators of Compromise (IOC) Part II

Introduction: In the first installment of this blog series we discussed several principal ideas and concepts necessary for security analysts as they seek to master an understanding of indicators of compromise (IOC). We discussed how IOCs relate to observables and how observables tie or relate to measurable events or stateful properties on a host. We…

Understanding Indicators of Compromise (IOC) Part I

Introduction: Every day, security analysts are faced with piecing together disparate parts of complex events of interest related to emerging and sophisticated threats. These pieces can be simple metadata elements or much more complex malicious code and content samples that require advanced reverse engineering and analysis. When pulled together, the cumulative result equates to…

Introducing RSA Advanced Cyber Defense Services – Podcast #239

RSA’s Peter Tran talks to Speaking of Security about new Advanced Cyber Defense Services being offered to help organizations in North America and Europe create proactive strategies for defending their digital assets against a wide range of threats, and provide incident response expertise designed to help customers react aggressively to active attacks and critical incidents.

Stalking the Kill Chain: Tired of Being Hunted?

Shady Rat, Aurora, Poison Ivy, ZeuS, SpyEye, Ice IX, Stuxnet and Flame. This strange combination of terms may have no immediate relation to the layman, but for those involved in computer security and incident response, they speak of events that have sparked press coverage, executive interest and late nights.