Brian Krebs x Graham Cluley: The WIPRO Lassitude (or How Not To Execute Incident Response)...
Visit Brian Krebs' always well-researched and fact checked information security blog, and Graham Cluley's Twitter Feed for a superb recording of the WIPRO Earnings Call (the recent victims of a pernicous cyberattack), in which, bizarre answers to questions raised by Mr. Krebs were proffered by WIPRO 'Executives'. Todays' Must Read and Hear.
Learn and Avoid →
Well scrivened, crafted, reasoned, and timely blog post by Andrew Cook (writing at the Delta Risk - A Chertoff Company - blog). In which, impeccable advice is offered, on learning and avoiding pitfalls, targeting Incident Response - i.e., Successful Incident Response. This weeks' Must Read.
NetFlix Unleashed FIDO →
via Netflix's Jason Chan, comes word of a OSS automation effort targeting security related events, and actions thereo. Monikered FIDO or more accurately 'Fully Integrated Defense Operation' the system ostensibly serves as an orchestration layer for automated response activities, in the case of security event triggers. Comprised of a well thought-out architecture of infrastructure components, an encapsulated orchestration, correlation and scoring engine coupled to a threat intelligence system... But, I'll leave the full explanation in the obviously capable hands of Netflix's Security Team; examine. if you will, FIDO at GitHub. And, because it's Open Source Software, the security community at large can reap the benefits of this superalitve effort. Outstanding.