Bad correlations in IR? Maybe no reverse engineers is the problem?
- December 13, 2016 by RenditionSec
- Uncategorized
Correlation isn’t the same thing as causation. Forensics professionals often seem to forget that when they deal with incident data. Just because an event occurred and malware was found on a machine that could have caused the event doesn’t mean the malware caused the event. Is there a correlation? Sure. Is this enough to establish […]