Charles Herring's blog

When An Alarm Isn’t

Staring down graduate
Alarms

Vendors like to create an ocean of alarms in their products so they can dogpile after an event and claim that "they caught it." This article goes through the dangers of false positives in incident response and how to address them.

Dealing with Insider Threats

Charles and Mai at Nanny's for Christmas
Insider Threats

The most dangerous and difficult risk to detect to an organization is insider threat. When a trusted asset decides to betray the trust of his benefactor for the sake of ideology, greed or extortion the organization can suffer long lasting damage. This article outlines the nature and strategies of handling insider threat.

Pages

Subscribe to RSS - Charles Herring's blog