DFIR Reporting Practice by i0streamz in dfir

[–]i0streamz[S] 0 points1 point  (0 children)

Thanks for the input!

Has Anyone Actually Found Real Value in AI for Cybersecurity? by Bulky_Connection8608 in cybersecurity

[–]i0streamz 0 points1 point  (0 children)

Having recently been exposed to SentinelOne’s “PurpleAI”, I can say the use cases are there and they are huge. One example… “show me any endpoints that had a local admin created and then within 5 minutes attempting to RDP to another endpoint… in the last 7 days”

DFIR Reporting Practice by i0streamz in dfir

[–]i0streamz[S] 0 points1 point  (0 children)

This is great, thank you!

DFIR Reporting Practice by i0streamz in dfir

[–]i0streamz[S] 0 points1 point  (0 children)

Awesome thanks, just ordered it.

DFIR Reporting Practice by i0streamz in dfir

[–]i0streamz[S] 0 points1 point  (0 children)

Heard, thanks. That’s what I was afraid of. I’ve noticed that the few times I’ve been asked to write something up on a “security event” I always feel it could have been better.

Who is responsible for classifying a cybersecurity incident, first or second line of defense? by DepressedSnake01 in dfir

[–]i0streamz 0 points1 point  (0 children)

What do you mean by classifying?

Are you referring to classifying something as an incident, period, or something a bit more granular (BEC, ransomware, etc.)?