It's no secret that SOCs are overwhelmed. Many organizations are under constant attack, but SOC teams are so barraged by alerts that they can’t discern real from noise. If you missed our webinar with Forrester, Improving SOC Efficiency with Deception, watch it here. Learn how a deception technology approach can end the nonstop "hamster wheel" reaction cycle—and significantly boost both incident response (IR) capabilities and the overall productivity of security operations teams. Read More

The CyberEdge Group recently released its 2019 Cyberthreat Defense Report (CDR), capturing the current perceptions of IT security professionals from 17 countries, 6 continents, and 19 industries. The report­­­­­­­­­­­­­­­­­­­, co-sponsored by Illusive, delivers unique insight into their views of cyberthreats, current defenses, and planned security investments. Read More

The practice of digital forensics in cybersecurity focuses on recovering and investigating artifacts found on devices to determine the nature of an incident or cyberattack. Read More

On February 13th, we broke out the hats and balloons (read: hummus and beer) to celebrate Illusive’s 100th software sprint. For 100 releases now, we’ve been helping our customers—hundreds of organizations across industries—revolutionize their ability to stop advanced cyberattackers. Read More

The second and third most common inhibitors to better cyber defense, according to the 2017 Cyberthreat Defense Report are “the shortage of skilled personnel and too much data for IT security teams to analyze.” The two are undoubtedly related. Read More

Growing awareness of illusive networks Deceptions Everywhere™ technology recently led SANS Fellow, Dr. Eric Cole, to test our solution. Not only did he aim to successfully deceive an attacker, he also evaluated illusive’s scalability, manageability, and believability. The results of his (unsuccessful) efforts to attack a network and escape detection are contained in a new SANS Product Review - Deception Matters: Slowing the Adversary with illusive networks. Read More

Hi Readers,

Welcome back to the second installment of our DFIR blog!  If you didn’t read Introduction to Digital Forensics and Incident Response check it out.

Let’s get started on our next chapter, Timeline Analysis and Time Stamped Forensics.

A Chapter from Your Favorite Crime Novel

In one of his blog posts, Corey Harrell described timeline analysis as a "great technique to determine the activity that occurred on a system at a certain point in time".  When referring to DFIR, we would take it one step further: timeline analysis is necessary for effective incident response.
Read More

Practically, conducting digital forensics analysis is the procedure of investigating security alerts or suspicions of malicious activity in a computer network. I like to think of DFIR as a procedure analogous to a military debriefing. When fighter pilots return from an operative mission, they immediately conduct a debrief, which covers the objectives, what worked and what didn’t, and exactly how the next mission will be improved upon to complete each objective.  Digital Forensics is really no different and here's why ... Read More