Incident Handling

Summary & Review: Building an Early Warning System (by Securosis)

gebhard 2013-02-09 Uncategorized EWS, Incident Handling, S&R

Summary / Review

The paper “Building an Early Warining System” by Securosis starts by detailing the typical situation: you can’t get ahead of the threat, security is inherent reactive. You have to use tools to be as close to the threat as possible. An Early Waning System can be one of the tools.

“A good hockey player plays where the puck is. A great hockey player plays where the puck is going to be.” – Wayne Gretzky

[RP]: Mistakes Were Made: Incident Response

gebhard 2012-06-11 Uncategorized Incident Handling

Great blog post:

Mistakes Were Made: Incident Response

Responding to Zero Day Threats

gebhard 2011-08-01 Uncategorized Incident Handling

Nice PDF provided by SANS (including links to further information and tools for incident response):

http://www.sans.org/reading_room/whitepapers/incident/responding-zero-day-threats_33709

Basics on Problem Solving & Investigations

gebhard 2011-01-09 Uncategorized Forensics, Incident Handling

There’s a nice article at SpiderLabs (Sniper Forensics – Part 1: A Brief History Lesson) which summarizes three interesting thesis and adopts them to modern problem solving and investigations (e.g. forensics).

Occam’s Razor / Lex Parsimoniae

(by William of Occam / Ockham)

When selecting hypothesis, the one that makes the fewest number of new assumptions is more likely to be correct.