palexander wrote:

What tools are people using these days for incident response? Still Carbon Black or something else?

The C2 infrastructure...

I've been tracking a significant uptick in insider threat over the past holiday weekend. There's a significant credential compromise risk if these user accounts remain at risk. Exploitation in...

We've analyzed samples from this campaign and found COM hijacking being used to bypass XDR.

Can someone from Blue Team verify these payment data before I include them in the incident report? Based on data exfiltration volume, the impact of this insider threat was medium compared...

The compliance identified A-12 instances of policy violation that need to be addressed. Has anyone successfully deployed the vendor's hotfix for the system weakness issue? Without security tools,...