Incident Response - After Action Review (AAR) Template
Highlighting and tracking improvement ideas and tasks derived from the incident using the 5 Why’s model to identify root causes and solution
top of page
WELCOME TO CRONINITY
 |  |  |
|---|---|---|
 |  |  |
Home: Welcome
Search
Virtualization Monitoring & Incident Response - VMware
Virtualization platforms have become standard in many organizations and have been more commonly been exploited by threat actors.
Incident Response - Linux
Linux Incident Response Approach Overview When conducting incident response on Linux systems, certain types of analysis can be performed...
EDR Evaluation - EDR System Operations (SysOps)
EDR/XDR platforms often lack transparency in their detection logic.
Insider Threat
Three categories of Insider Threats: Malicious insiders Theft of IP Sabotage Espionage Negligent Insiders Ignoring policy and procedures...
Cyber Incident Response - Incident Communications Plan
Cyber Incident Response Communications Plan Purpose The purpose of this communications plan is to ensure secure, efficient, and...
Cyber Incident Response - Incident Declaration Policy,
Purpose The purpose of this policy is to establish a standardized process for the declaration of a cyber incident and the subsequent...
Adversary-in-the-Middle (AiTM) and Business Email Compromise (BEC)
Cyberattacks persistently target both systems and individuals. Among these, compromising user credentials stands out as a prevalent...
Malware Analysis - Encoding/Decoding to Mask/Unmask Hackers Dirty Deeds - Base64
One critical aspect of malware behavior lies in Data Obfuscation, where malware seeks to conceal its activities through various...
Ransomware - Techniques - Encryption via GPUpdate
Ensuring the security of an organization's Domain Controller (DC) is paramount, recognizing it as a critical asset that must be protected...
Home: Blog2
Home: Contact
bottom of page