Discover and read the best of Twitter Threads about #incidentresponse

Most recents (4)

We are just starting our session @hasgeek. @abh1sek talking about data breaches and how they happen.

hasgeek.com/rootconf/data-…

Join the live stream on the webpage.

#datasecurity
Thank you @hasgeek for giving us this amazing platform to talk about what we love most #datasecurity #appsec
#cloudsecurity
Agenda for the session
Read 29 tweets
Kommentar zum Artikel:
Bei unseren Kunden wurden alle #Netscaler unmittelbar nach bekanntwerden des Workaround angepasst.
Nach genauerer Analyse mussten wir aber feststellen, dass "alle" Netscaler bereits #kompromitiert sind. 1/x

#Citrix #Shitrix #fail

security-insider.de/shitrix-gefaeh…
Da auf den Systemen durch die #Exploit's offensichtlich unter anderem auch #Cronjob's eingerichtet wurden, welche irgendwann in Zukunft beliebigen Code von russischen Servern nachladen...jeder Anwender absolut sicherstellen, dass sein System nicht bereits #kompromitiert wurde.
Der angekündigte #Hotfix, wird die bereits entstandenen Probleme sicher nicht lösen. Aus unserer Sicht hilft ausschließlich eine komplette #Neuinstallation der #Komponenten, verbunden mit einem unmittelbaren unmittelbares umsetzen des #Workaround bevor das System online geht.
Read 11 tweets
Some ideas for „KPI“ in Security Operation Centers (Thread).
Most important and first: Don’t create wrong incentives for your analysts, i.E. „time to alert close“ pushes your analysts in laxity.
To check for anomalies in your data sources: Top x alarm sources, Least x alarm sources
Read 9 tweets
New from me:
Important changes to #Wassenaar protects defenders from export control paperwork impeding #vulnerabiltydisclosure & #incidentresponse . Done? Not yet! Let's celebrate this win for tech/policy collaboration now. What's next? Read on. 🍻🥂🥃
thehill.com/opinion/cybers…
All options, including seeking further clarifications, or drafting a proposed domestic export control rule, are all still on the table in the US. There will likely be further opportunities for the public to weigh in on this undecided next move by the US.
Like the changes agreed so far, we have every single interested party to thank for this shared victory. The export control authorities from each country were super collaborative w us. We need more tech folks who value partnerships w policy makers. Nobody wins unless everyone wins
Read 4 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!