Search Results

You may recall our discussion on the different documentation tools and types used by security teams when responding to incidents. In this video, we'll examine the benefits that documentation offers, so that you can better understand how to leverage doc...

  So far, you've learned about the different types of detection methods that can be used to detect security incidents. This reading explores how investigative tools can be used during investigations to analyze suspicious indicators of compromise (IoCs) and bu...

Documentation is any form of recorded content that is used for a specific purpose, and it is essential in the field of security. Security teams use documentation to support investigations, complete tasks, and communicate findings. This reading explores the ben...

I have something bugging me. And it's why not everything can use magic. Especially the invading humans, they have sufficiently advanced technology for molecular deconstruction. However, they aren't capable of using magic. I have blue blood, and it's probably t...

Let's continue our discussion on how documentation provides transparency through documents like chain of custody. During incident response, evidence must be accounted for during the entire incident's lifecycle. Tracking evidence is important if the e...

Have you ever taken a trip to a place you've never visited before? You may have used a travel itinerary to plan your trip activities. Travel itineraries are essential documents to have, especially for travel to a new place. They help keep you organ...

links to original google doc Purpose 2 Using this playbook 2 Step 1: Receive phishing alert 2 Step 2: Evaluate the alert 2 Step 3.0: Does the email contain any links or attachments? 3 Step 3.1: Are the links or attachments malicious? 3 Step 3.2: Update ...

#summery2{color: black;} #Aboutme{ color: eeefff; border-radius: 0 0 10px 10px; border: 1px solid gray; background-color: #333; } summery2{color: black;} #summery1{color: black;} #Howtousethissite{ color: eeefff;...

<div class="image-container"> <div class="socials"> <h2><a title="My Discord Server" href="https://discord.gg/2qXr4yMg6Y" target="_blank" rel="noopener"><img src="https://library.naruzkurai.com/uploads/images/gallery/2023-10/scaled-1680-/3532815.png"...

As you've learned, security analysts can be flooded with a large amount of alerts on any given day. How does an analyst manage all of these alerts? Hospital emergency departments receive a large number of patients every day. Each patient needs medical care for...

  My name is Robin, and I am the program management lead for the Red Team at Google. I would say teamwork might be the most important skill for people who work in cybersecurity. The collaborative culture is to understand that everybody brings a unique perspect...

Previously, you learned that triaging is used to assess alerts and assign priority to incidents. In this reading, you'll explore the triage process and its benefits. As a security analyst, you'll be responsible for analyzing security alerts. Having the skills ...

 In this video, we'll discuss the third phase of the incident response lifecycle. This phase includes the steps for how security teams contain, eradicate, and recover from an incident. It's important to note that these steps interrelate. Containment helps meet...

Previously, you learned about how security teams develop incident response plans to help ensure that there is a prepared and consistent process to quickly respond to security incidents. In this reading, you'll explore the importance that business continuity pl...

Now that a security team has successfully contained eradicated and recovered from an incident, their job is done, right?Not quite.Whether it's a new technology or a new vulnerability, there's always more to learn in the security field.The perfect time for lear...

Previously, you explored the Containment, Eradication and Recovery phase of the NIST Incident Response Lifecycle. This reading explores the activities involved in the final phase of the lifecycle: Post-incident activity. As a security analyst, it's important t...

Working Off-Platform Getting Started: To work on this project, you will need an IDE or text editor and a web browser. You also have the option of downloading the starter files for a quick start. Alternatively, you can use your own existing files or start fro...

That wraps up our discussion on incident investigation and response.Nice work on finishing up another section!We've covered a lot here, so let's take a moment to quickly recap.First, we revisited the detection and analysis phase of the NIST incident response l...

History books. Receipts. Diaries.What do all these things have in common?They record events.Whether it's historical events, financial transactions, or private diary entries, records preserve event details.And having access to these details can help us in many ...

Devices produced data in the form of events.As a refresher, events are observable occurrences that happen on a networksystem or device.This data provides visibility into an environment.Logs are one of the key ways security professionals detect unusual ormalici...