Thanks for your interesting question submissions to “Ask Lesley”! This column will repeat, on no specific schedule, when I receive interesting questions that are applicable to multiple people. See further details or submit a question, here. Without further ado, today… Read More ›
I receive a lot of great questions about my work in Digital Forensics and Incident Response (DFIR), and while I’ve written a bit on the topic of threat actors and attribution, I’ve been repeatedly asked some interesting questions about this… Read More ›
Listen as Gary and Lesley discuss incident response, digital forensics, security engineering, security certifications, and more. Source: Show 128: Lesley Carhart Discusses Incident Response and Digital Forensics | Cigital
This blog consists of seven very different infosec professionals’ responses to frequently asked questions about attribution, with thoughts, experiences, and opinions (focusing on nation state attribution circa 2016).
So what are these “challenge coins”? Challenge coins come from an old military tradition that bled into the professional infosec realm then into the broader hacker community through the continual overlap between the communities. In some ways like an informal… Read More ›
Threat intelligence is currently the trendy thing in information security, and as with many new security trends, frequently misunderstood and misused. I want to take the time to discuss some common misunderstandings about what threat intelligence is and isn’t, where it can be beneficial, and where it’s wasting your (and your analysts’) time and money.
(In this presentation, penetration tester and “TSA Key Guy” Johnny Christmas and I discuss the problems inherent to the disconnect between the information security community and the public and media at large, and how to bridge the skills and stigmas… Read More ›