This two-part series is focused on reducing the impact of a breach through early detection. In part one we looked at the change in mindset from purely preventative measures, to implementing effective detection methods within your environment; and the positive impact that this could have.  In this article we will look at bridging the gap between the initial point of intrusion and instigation of an effective incident response plan.

80% of businesses do not have an incident response plan, 15% have a documented plan but lack the foundation to provide an efficient or effective response, leaving only 5% [1] of business with an actionable incident response plan in place.  In this, the second part of our IR series we are going to look at the need for an effective and functional Incident Response plan.

Part 2 of 2 – Vulnerability details

This is the second and final post in our series about zero-day vulnerabilities we discovered in NfSen and AlienVault OSSIM. If you missed the first post, please click here to read about how our discovery of one zero-day vulnerability led to another three being discovered. As part of our responsible disclosure policy we contacted the vendors and assisted them with the process of developing patches.

Like many others this week, I have been glued to the amazing action coming from the Gold Coast, Australia, as many of the world’s top athletes compete in the Commonwealth Games.  As I marveled at the athletes competing across a variety of sports, it got me thinking “what could we learn from these athletes?”

How you respond to any incident can have a dramatic effect on the overall outcome and its potential on going impact.  Over this two-part series Foregenix will look to answer the question – “How well will you respond when it really matters?” covering Incident Response and the often-overlooked gap that is ‘Intrusion detection’ or as we like to call it ‘Incident Readiness.’

Spring is finally upon us and after a long, gruelling winter; lambs are frolicking, daffodils are sprouting, and hackers are still breaching websites. It’s time to revisit your website security and make sure you’re taking the necessary measures to protect yourself and your customers.