Incident Management

Observations from the digital trenches

Oct 26, 2020 By Geoff Mefford In AT&T Cybersecurity

When AT&T Incident Response Consultants first engage a client during a ransomware incident, the situation is often very chaotic. The client's ability to conduct business has stopped; critical services are not online, and its reputation is being damaged. Usually, this is the first time a client has suffered an outage of such magnitude. Employees may wrongly fear that a previous action is a direct cause of the incident and the resulting consequences.

Read Post

AT&T Cybersecurity

Read more about Observations from the digital trenches

Demo | Access Workflow Integration Using Pager Duty | Privileged Access Management | Teleport

Sep 26, 2020 By Teleport In Teleport

Teleport allows you to implement industry-best practices for SSH and Kubernetes access, meet compliance requirements, and have complete visibility into access and behavior. But invariably, change happens. Teleport allows users to request elevated privileges in the middle of their command-line sessions and create fully auditable dynamic authorizations . These requests can be approved or denied in PagerDuty or anywhere else via a flexible Authorization Workflow API.

View Video

Teleport

Read more about Demo | Access Workflow Integration Using Pager Duty | Privileged Access Management | Teleport

Joint "CYPRES" Report on Incident Response Released by FERC

Sep 23, 2020 By Robert Landavazo In Tripwire

Earlier this month, the Federal Energy Regulatory Commission (FERC) published a joint report entitled “Cyber Planning Response and Recovery Study” (CYPRES) in partnership with the North American Electric Reliability Corporation (NERC) and eight of its Regional Entities (REs) in order to review the methods for responding to a cybersecurity event.

Read Post

Tripwire

Read more about Joint "CYPRES" Report on Incident Response Released by FERC

Adaptable Incident Response With Splunk Phantom Modular Workbooks

Sep 14, 2020 By Sam Hays In Splunk

Splunk Phantom is a security orchestration, automation and response (SOAR) technology that lets customers automate repetitive security tasks, accelerate alert triage, and improve SOC efficiency. Case management features are also built into Phantom, including “workbooks,” that allow you to codify your security standard operating procedures into reusable templates.

Read Post

Splunk

Read more about Adaptable Incident Response With Splunk Phantom Modular Workbooks

What is Incident Response?

Sep 9, 2020 By Mark Stone In AT&T Cybersecurity

As new types of security incidents are discovered, it is absolutely critical for an organization to respond quickly and effectively when an attack occurs. When both personal and business data are at risk of being compromised, the ability to detect and respond to advanced threats before they impact your business is of the utmost importance.

Read Post

AT&T Cybersecurity

Read more about What is Incident Response?

Webinar: AIOps Outcome - Accelerate Incident Resolution

Aug 13, 2020 By CloudFabrix In CloudFabrix

Bite Size AIOps Knowledge Sessions - Accelerate Incident Resolution with faster root cause analysis and contextual insights and recommendation

View Video

CloudFabrix

Read more about Webinar: AIOps Outcome - Accelerate Incident Resolution

Identify API Incidents with Built-in Anomaly Rules

Aug 11, 2020 By Mark Michon In Bearer

One of Bearer's super powers is anomaly detection. Anomalies are unexpected issues that happen when making an API call. These could be high error rates, unexpected response codes, latency spikes, and more. By monitoring APIs with anomaly detection, we can identify problems with an API or within your application. Anomaly detection makes debugging easier and can help you identify API performance issues that affect your end users.

Read Post

Bearer

Read more about Identify API Incidents with Built-in Anomaly Rules

Performing Zabbix Alert Correlation and Incident Acceleration with CloudFabrix AIOps

Aug 10, 2020 By Tejo Prayaga In CloudFabrix

CloudFabrix AIOps 360 solution can ingest alerts, events, metrics and from various monitoring tools to perform event correlation, alert noise reduction and enable incident resolution acceleration. Learn more about CloudFabrix AIOps 360 In this blog I will cover Zabbix integration aspects with our AIOps 360 solution. Zabbix is one of the popular open source monitoring platforms used by many enterprises and MSPs, including some of our customers.

Read Post

CloudFabrix

Read more about Performing Zabbix Alert Correlation and Incident Acceleration with CloudFabrix AIOps

Speeding Incident Response by Integrating Netwrix Auditor with ServiceNow

Aug 1, 2020 By Netwrix

Although most IT pros are aware of the benefits that technology integrations promise, many of them are reluctant to take on integration projects. They know all too well that many vendor products simply aren't designed to be integrated with other systems; the lack of an application programming interface in particular is a huge red flag. Fortunately, there are vendors, such as ServiceNow and Netwrix, that enable organizations to reap the benefits of integration without having to invest lots of time and money.

Get EBook