Conor ShermaninConfident DefensePaying The Ransom Is Not The Plan — The True Cost of CompromiseRansomware has become the top cause for cyber insurance claims over the past few years as more and more organizations have been targeted…Jun 25, 2020Jun 25, 2020
Conor ShermaninConfident DefenseExecutive Briefing — The Future of the Incident Response MarketExecutive Briefing — The Future of the Incident Response MarketJun 14, 2020Jun 14, 2020
Conor ShermanThe Impact of COVID-19 a Macro OverviewThe wise uncertainty of epidemiologists is preferable to the confident bluster of television blowhards (link).Mar 17, 2020Mar 17, 2020
Conor ShermaninConfident DefenseFeature, Bug, or IOC — Investigating Chrome’s DNS AssistWhat we found brought us from the SIEM to the whiteboard back to the SIEM, like all good stories it ended happily on Stack Exchange…Oct 14, 2018Oct 14, 2018
Conor ShermaninConfident DefenseDecision Driven Alert FrameworkBelow is a framework that I have found exceptional powerful for getting my teams focused on making decisions and taking action when a…Aug 8, 2018Aug 8, 2018
Conor ShermanPhishing via Text Message — Credential AttackUPDATE: As of 7:24PM EST Bank of America had seized and redirected the domain to their legitimate site.Jul 24, 2018Jul 24, 2018
Conor ShermanYour Incident Response Plan is Hurting Your Security TeamThe formal “Incident Response Plan” as currently defined by industry standards (NIST 800–53) and by regulators is often a excessive waste…Jul 14, 2018Jul 14, 2018
Conor ShermaninConfident DefenseBuilding a Cyber Threat Intelligence Program… That WorksThreat Intelligence means a lot different things to a lot of different people, but for most vendors it means curated IOC lists. I have a…Aug 7, 2017Aug 7, 2017
Conor ShermanA Cyber Team’s Most Effective ToolThe best tool that a cyber security leader will ever deploy in the defense of an enterprise is trust. It is taking the time to build…May 16, 2017May 16, 2017