
Carbon Black CB Response Questions

Netanya Carmi
Content Manager
IT Central Station
Julia Frohwein
Content and Social Media Manager
IT Central Station
Oct 12 2021

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Julia Frohwein
Content and Social Media Manager
IT Central Station
Oct 12 2021

Hi Everyone,

What do you like most about Carbon Black CB Response?

Thanks for sharing your thoughts with the community!

Julia Frohwein
Content and Social Media Manager
IT Central Station
Oct 12 2021

If you were talking to someone whose organization is considering Carbon Black CB Response, what would you say?

How would you rate it and why? Any other tips or advice?

Security Incident Response Questions
Evgeny Belenky
IT Central Station
Nov 24 2021

Hi security professionals,

As the majority of you have probably heard, GoDaddy was hacked again a few days ago.

Based on what is already known, what has been done wrong and what can be done better? 

Share your thoughts!

Evgeny Belenky
IT Central Station
Nov 23 2021

Hi peers,

Why is SOC important for an organization? What are the main challenges of the modern SOC?

Thanks.

Hasan Zuberi (HZ): SOC refers to a dedicated platform and team organization to prevent, detect…
Denis L: SOC is the heart of your infrastructure security, a centralized system…
Evgeny Belenky
IT Central Station
Nov 24 2021

Hi infosec professionals,

We all know how security terms can be confusing and there are permanent discussions between professionals about simple ones.

How would you describe the difference between cyber resilience and business continuity? 

How do you achieve each of them?

VladanKojanic: It's simple: cyber resilience is the ability to prepare for, respond to and…
AlanFink: Generic terms are always open to interpretation. My belief is that Cyber (crime)…
Jairo Willian Pereira: Both have the same purpose but not the same scope. Ensuring CR does not…
Evgeny Belenky
IT Central Station
Nov 24 2021

Hi,

When would you suggest using an internal SOC and when SOC-as-a-Service? What are the pros and cons of each?

Shibu Babuchandran: Hello, Below there are views on the pros and cons of Internal SOC and…
Manuel Gellida: Evgeny I think, SOC on-premise means a huge investment (=monthly payment)…
reviewer935298: This is a truly good and difficult question. If we could have MSSP that is…
Giusel
IT Engineer at UTMStack
Nov 24 2021

Hi community,

I'm working on a document about the Security Operation Center best practices, and I would like to get your inputs about it.

Thanks

Robert Cheruiyot: Hi Giusel, From my little experience, it's always good to have a good working…
Shibu Babuchandran: Hi @Giusel, Some of the best practices that I feel are as below. 1. The SOC…
Steffen Hornung: Sadly, I can't contribute due to lack of experience in that field. But I would…
Navin Rehnius
Security Engineer at a tech services company with 201-500 employees
Aug 02 2021

What is the difference between Incident Detection Response (IDR) e.g. in Rapid7 InsightIDR and Endpoint Detection and Response (EDR) in other solutions?

Thanks.

John Rendy: Hi @Navin Rehnius, The IDR focus is on the correlation of the host system…
Evgeny Belenky
IT Central Station

Colonial Pipeline has confirmed it paid a $4.4m (£3.1m) ransom, according to BBC.

Earlier this month, Hugh wrote about it in this article: The Colonial Pipeline Ransomware Attack: Preventing the Next Cybercrime Disruption of Critical Infrastructure

Lessons from the Colonial Pipeline ransomware attack

Dear community, let's share your professional opinion with other peers on what lessons we can learn from this ransomware attack.

What can be done better in the future? Is it about backup and recovery tools? About EDR? 

Should the incident response be managed in a different way?

Thanks

ITSecuri7cfd: At minimum, do the basics. Patch or mitigate vulnerabilities by isolating the…
Evgeny Belenky
IT Central Station
Sep 08 2021
Trends in Security Operations Center (SOC)

Hi community,

We would like to hear your insights on the latest trends in SOC. What are you seeing in the field or forecasting? 

Please share your opinion on how these trends are going to influence the future of the relevant solutions, tools, etc. used in SOC.

Looking forward to hearing your insights,

Thanks!

John Rendy: Evgeny, My personal experience tells me that SOC will be driven by…
Rony_Sklar
IT Central Station
Sep 22 2021

Hi dear community,

Can you explain what an incident response playbook is and the role it plays in SOAR? How do you build an incident response playbook? 

Do SOAR solutions come with a pre-defined playbook as a starting point?

Maged Magdy: Hi, what is an incident response playbook? Incident Response Playbook is the…
Robert Cheruiyot: Hi Rony, Playbook automates the gathering of threat intelligence from a…
David Swift: Incident Response playbooks detail how to act when a threat or incident occurs…