Incident Response - After Action Review (AAR) Template
Highlighting and tracking improvement ideas and tasks derived from the incident using the 5 Why’s model to identify root causes and solution
top of page
WELCOME TO CRONINITY
 |  |  |
|---|---|---|
 |  |  |
Home: Welcome
Search
Virtualization Monitoring & Incident Response - VMware
Virtualization platforms have become standard in many organizations and have been more commonly been exploited by threat actors.
Incident Response - Linux
Linux Incident Response Approach Overview When conducting incident response on Linux systems, certain types of analysis can be performed quickly and effectively using built-in Linux tools. This initial analysis often provides insights into how the system was compromised and the actions taken during the breach. However, advanced threat actors may employ techniques that complicate the investigation, requiring more time-consuming and sophisticated analysis methods. This Linux an
EDR Evaluation - EDR System Operations (SysOps)
EDR/XDR platforms often lack transparency in their detection logic.
Insider Threat
Three categories of Insider Threats: Malicious insiders Theft of IP Sabotage Espionage Negligent Insiders Ignoring policy and procedures...
Cyber Incident Response - Incident Communications Plan
Cyber Incident Response Communications Plan Purpose The purpose of this communications plan is to ensure secure, efficient, and...
Cyber Incident Response - Incident Declaration Policy,
Purpose The purpose of this policy is to establish a standardized process for the declaration of a cyber incident and the subsequent...
Adversary-in-the-Middle (AiTM) and Business Email Compromise (BEC)
Cyberattacks persistently target both systems and individuals. Among these, compromising user credentials stands out as a prevalent...
Malware Analysis - Encoding/Decoding to Mask/Unmask Hackers Dirty Deeds - Base64
One critical aspect of malware behavior lies in Data Obfuscation, where malware seeks to conceal its activities through various...
Ransomware - Techniques - Encryption via GPUpdate
Ensuring the security of an organization's Domain Controller (DC) is paramount, recognizing it as a critical asset that must be protected...
Home: Blog2
Home: Contact
bottom of page