Charles Herring's blog

When An Alarm Isn’t

Viking at Epcot
Alarms

Vendors like to create an ocean of alarms in their products so they can dogpile after an event and claim that "they caught it." This article goes through the dangers of false positives in incident response and how to address them.

Dealing with Insider Threats

Staring down graduate
Insider Threats

The most dangerous and difficult risk to detect to an organization is insider threat. When a trusted asset decides to betray the trust of his benefactor for the sake of ideology, greed or extortion the organization can suffer long lasting damage. This article outlines the nature and strategies of handling insider threat.

Pages

Subscribe to RSS - Charles Herring's blog