Incident response

When the internet was being created, security wasn’t much of an issue. The internet (and the Arpanet before it) was primarily being used by trusted parties...

The Address Resolution Protocol (ARP) was first defined in RFC 826. As the name suggests, it is designed to resolve IP addresses into a form usable by other...

It is almost impossible to leave a conversation with a cybersecurity professional, take an introductory networking class, or break into ethical hacking without...

Statistical analysis is one of the three main categories of analysis that can be performed on network traffic data. It provides a much more detailed analysis...

In this article, we’ll discuss the various things that incident responders must know about the operation of a network and how this can help improve how...

Event-based analysis, as its name suggests, focuses on analysis of specific events that occur on the monitored network. This is accomplished by defining the...

Connection analysis is the highest-level type of network analysis that is used in incident response. Rather than developing and scanning with signatures of...

While no incident is the same, security professionals have come to rely on pre-established procedures and best practices to help contain a security breach...

The concept of network mapping is not a new one. Creating network maps in the design phase of a network and updating them throughout its life cycle is a crucial...

Fileless malware is malware authors’ response to traditional malware identification and analysis techniques. Many antiviruses operate by using signature-based...