Cyber Threat Intelligence


Cyber Intelligence is very important!

 


 

Why is cyber intelligence important to companies?

 

Cyber threat intelligence helps organizations by giving them insights into the mechanisms and implications of threats, allowing them to build defense strategies and frameworks, and reduce their attack surface with the end goals of mitigating harm and protecting their network.

The main goal of cyber intelligence is to give organizations a better understanding of what's happening outside their network, including the current cyber threats that could cause their businesses harm.

Organizations that do not use cyber intelligence are more likely to be breached by an unknown source. Here are some cyber intelligence resources that companies can utilize to keep them better informed.

1) Department of Homeland Security: Automated Indicator Sharing

2) FBI: InfraGard Portal 

3) SANS: Internet Storm Center

4) VirusTotal

5) Cisco: Talos Intelligence

There are many more sources out there but these will get you started. 

 

 

 

 

Data Loss Prevention


What does data loss mean?

Data loss occurs when your data has been either corrupted or lost. This can happen in multiple ways, such as theft by a malicious actor. Data loss can also happen if you suddenly experience hardware failure, a software error, or as the result of human action.

How do you prevent data loss?

There are several ways you can prevent data loss within your organization.

1) Back up your data regularly – The number one thing you can do to prevent data loss is to make sure you regularly back up your data.

2) Set recovery point objectives – Creating a backup process means setting your RPO, as this establishes the time period in which transactions might be lost from an IT service due to a major incident.

3) Patch and update systems – Patching is something else that should be a crucial part of any business’s data loss prevention policy, regardless of whether you’re a small business with a handful of computers or an enterprise with a sprawling network of different machines. 

4) Know when to upgrade systems – As a business owner, you must understand that nothing lasts forever and that systems must eventually be upgraded. You'll need to upgrade systems and software before they get to the point of becoming unstable due to age.
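
To make the recovery point objective in step 2 concrete, the following added example (not from the original post) checks a backup job history against an RPO and reports every window in which more data than the RPO allows could have been lost. The job log, the 8-hour RPO, the timestamps and the function name `rpo_violations` are all constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample backup history (finish time, status); not real data.
SAMPLE_JOBS = [
    ("2024-03-01 00:05", "success"),
    ("2024-03-01 06:04", "success"),
    ("2024-03-01 12:06", "failed"),   # a failed job restores nothing
    ("2024-03-01 18:05", "success"),
    ("2024-03-02 00:05", "success"),
]

def rpo_violations(jobs, rpo, now):
    """Return (window_start, window_end, gap) for each period in which the
    newest restorable backup was older than the RPO (hypothetical helper)."""
    good = sorted(
        datetime.strptime(ts, "%Y-%m-%d %H:%M")
        for ts, status in jobs
        if status == "success"
    )
    if not good:
        raise ValueError("no successful backup: all data is currently at risk")
    # Append 'now' so the exposure since the last good backup is checked too.
    points = good + [now]
    violations = []
    for prev, nxt in zip(points, points[1:]):
        gap = nxt - prev
        if gap > rpo:
            violations.append((prev, nxt, gap))
    return violations

if __name__ == "__main__":
    rpo = timedelta(hours=8)             # assumed business requirement
    now = datetime(2024, 3, 2, 9, 30)    # constructed "current" time
    for start, end, gap in rpo_violations(SAMPLE_JOBS, rpo, now):
        print(f"RPO exceeded: {start} -> {end} (gap {gap}, allowed {rpo})")
```

Only successful jobs count as recovery points, so a single failed job in a six-hour schedule silently turns into a twelve-hour exposure.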

Four simple steps will keep your business from losing data! Please reach out to me for assistance.


Memory Forensics and Incident Response: Why it’s needed.


Memory forensics and why it’s so important to incident response


Memory forensics is the process of analyzing volatile data living within a computer's memory dump. Everything in the computer system moves across RAM (Random Access Memory), including:

  • Processes and threads
  • Malware 
  • Network sockets, URLs, IP addresses
  • Open files
  • User-generated content
  • Passwords, caches, clipboards
  • Encryption Keys 
  • Hardware and Software configuration 
  • Windows registry keys and event logs 

RAM handles communication and enables things to get done between the CPU and the operating system. There are big advantages to conducting memory analysis, like identifying malicious software activity, analyzing and tracking recent activity on the system, and collecting evidence that cannot be found anywhere else (super valuable).

As you can see, it will be very difficult for malicious actors to get away cleanly with so many footprints left in memory.