Incident Response


Aug 2018

Locked Out: Ransomware Prevention and Incident Response

A ransomware attack can be a debilitating event for an unprepared person or organization. Depending on the type and value of the data stored on an infected computer, the impact of an incident can range from a minor hiccup in operations to the death of the company. The impact of ransomware on small to medium-sized businesses (SMBs) can be particularly devastating. In its Second Annual...



Aug 2018

Sticking Around: Common Windows Malware Persistence Mechanisms

Malware authors put a lot of time and effort into writing their malware and finding ways to get it installed and running on target machines. If users could get rid of malware for good by just closing it or restarting their computer, then these attackers would have put in a lot of work for minimal payoff. But hackers leverage malware persistence mechanisms to be sure...



Aug 2018

What do I do if my Network is Hacked?

7 Steps to Achieving Effective Information Security Incident Response

Nobody wants to be hacked, but the only thing worse than having an incident is to have one and then botch the incident response procedures. An incorrect response could allow an attacker to gain further access to your network, fail to completely remove the infection, or render evidence of the incident inadmissible in legal proceedings. By...



Jun 2018

Using Root Cause Analysis After a Cybersecurity Incident

There were 1,579 breaches reported in the U.S. in 2017, according to the Identity Theft Resource Center (ITRC). This represented a 44.7 percent increase over incidents reported for 2016. Your enterprise might be next, so it’s important to learn about incident response, including a Root Cause Analysis. The best defense for your business is prevention, but when an incident does occur, it’s important to use...



Jul 2017

Reverse Engineering Malware: Using Data Carving in Incident Response

Information security professionals, especially those who serve as “blue teamers” or enterprise defenders, are dealing with an evolving array of malware threats. In the blue team toolkit, one of the most important and difficult techniques is the ability to reverse engineer malware. Joe Gray, enterprise security consultant for Sword & Shield Enterprise Security, writes about his experience learning the techniques of reverse engineering malware using...



May 2015

Breaches Happen.

Are you Prepared for a Breach?

You get a call from the FBI that your company’s computer network has been breached and some of your customer data has been compromised. After catching your breath from hyperventilating, the next thing you should do is realize that you’re not alone. You aren’t the first company to suffer from a breach and yours won’t be the last. In...
