Incident Response and OPSEC
It’s always important to consider OPSEC when performing incident response. We regularly work with clients to ensure that they don’t cause issues for themselves during the investigation. Tipping your hand to the attacker can result in a failed containment, which likely will lead to a failed remediation. Today, while teaching my last SANS Incident Response […]
AVML – Memory Forensics For Linux
One of the problems we’ve experienced over the years with Linux memory forensics was the difficulty of obtaining a memory dump. This is because most acquisition tools require a loadable kernel module to be built on the exact same kernel version as the target. Building the kernel module on the target itself has several problems: […]
Memory Forensics Plugins
On November 21, 2017 I did a webcast for the SANS Institute to discuss memory forensics. During the webcast, we discussed a number of custom plugins for Volatility to assist in the analysis of memory images. I’ve posted the plugins here. Enjoy!
The Time To Prepare Is Now – Rendition Infosec Offers Five Secrets To Best Prepare For Incident Response
With several recent and prominent information/cyber security attacks making the headlines, a top industry executive is sharing his thoughts on how savvy companies should prepare for the next, inevitable information security event. Augusta, Georgia – June 6, 2017 – Rendition Infosec, the nation’s leading provider of information security solutions and consultation, today announced that the company is […]