John Moran, DFLabs’ Senior Product Manager TV Interview with Chuck Harold at Black Hat 2018

DFLabs’ Senior Product Manager, John Moran joins Chuck Harold from Security Guy TV for an interview at Black Hat 2018 in Las Vegas. In this short interview, John Moran introduces the concept of security orchestration, automation and response (SOAR) technology, and explains what will happen if companies don’t start with automation. He further gives examples of how orchestration and automation of the incident response process actually help a company defend itself against growing sophisticated cyber attacks. He points out that automation doesn’t mean replacing and firing people, on the contrary, how to make the teams within a company work more effectively.

Watch the full interview here.

5 Core Elements Of A Successful Incident Response Program

IBM’s 2018 Cost of a Data Breach study shows that the impact of a data breach on an organization averages $3.86 million, while more serious and severe “mega breaches” can cost hundreds of millions of dollars. The difference between a data breach and a “mega breach” often comes down to the effectiveness and speed of the incident response process.

The most successful incident response programs are excellent in the following core areas: visibility, incident management, workflows, threat intelligence, and collaboration/information-sharing.

The following lines will focus on the things required to achieve excellence in each of these components from a systems level perspective.

Visibility

With the variety and number of security products deployed in the average enterprise, visibility into the output of these tools is the basis of all incident response systems. Aggregating data feeds from commercial and open-source products, as well as anything developed in-house, is required.

When deploying an incident response management system, take into consideration platforms that support the most common security products out of the box. Since few can support everything by default, flexibility to add bi-directional integrations with security products which are not supported by default is an important issue.

 

Read the full article here.

DFLabs to Release Free Live Forensics Tool at Black Hat USA 2018

DFLabs’ Senior Product Manager, John Moran will promote and discuss the release of a free live forensics tool at Black Hat USA 2018.

Prior to DFLabs, Moran was a computer forensic analyst for the Maine State Police Computer Crimes Unit and computer forensics task force officer for the U.S. Department of Homeland Security. The constant challenges he ran across led to finding the right combination of tools for the forensic information he needed. The solution to this challenge was writing his own tool called No-Script Automation Tool (NAT), which he’ll personally promote on Aug. 8 at the Black Hat USA 2018 conference in Las Vegas.

Moran told eWEEK: “I’m going to talk a little bit about live forensics as a whole and the do’s and don’ts for forensic analysis, but really the whole purpose of the talk is to show the tool that basically came out of my experiences working in incident response.”

Moreover, he said that he often had to use 30 or more tools to get the necessary information. Figuring out the proper configuration options for various tools, as well as getting every single tool to run and export information took too much time.

Moran adds: “I wanted to build a tool that would be a one-click thing that would enable incident responders to run the right tools and it would just work. This tool also allows responders to verify the tools they are running, so it has a known good list of accepted, authentic tools.”

Read the entire article here.

Four Reasons Why Companies Fail At Incident Response

DFLabs’s CEO Dario Forte pinpoints the main reasons why many companies today still can’t seem to create the suitable plan when it comes to incident response.

Today, a vast number of companies throughout many different industries are still exposed to continuous security breaches of various kinds. This year only, companies such as Best Buy, Delta, Orbitz, Panera, Saks Fifth Avenue, and Sears, have all been victims to some type of cyber-security threat.

Security threats have become very sophisticated with the rise of new technologies and companies need to fight them back. However, these are not always tested for security flaws and create difficult gaps for companies in their battle for protection of their assets.

Read the entire article here.

DFLabs Achieves Certified Technical Integration With McAfee ePolicy Orchestrator (ePO) and McAfee Data Exchange Layer (DXL)

DFLabs is proud to announce its technical certification with McAfee ePO and DXL to unify threat detection, response, and remediation through bidirectional integration. The integration of DFLabs IncMan SOAR  platform and McAfee’s products will help their customers’ to deploy end-to-end security solutions for faster and more automated detection and response to cybersecurity threats, as well as orchestration of remediation efforts.

This press release was originally published on Business Wire. Read the full press release here.

DFLabs Wins Two Platinum Awards for Cybersecurity in the 2017 GSN Homeland Security Awards

DFLabs Security Automation & Orchestration platform has received platinum awards in two separate cybersecurity categories of the 2017 GSN Homeland Security Awards. IncMan took first place in the following categories: Best Continuous Monitoring & Mitigation, and Best Cyber Operational Risk Intelligence Solution.

“We are honored to have won Platinum in two categories of this year’s prestigious GSN Homeland Cyber Security Awards competition,” – Dario Forte, DFLabs CEO, announced. “Based on our background in law enforcement and intelligence, we designed IncMan to empower government agencies to monitor, detect and respond to increasingly sophisticated cyber threats using automation.”

This press release was originally published by BusinessWire. Read the full press release here.

Oliver Rochford @ITSPmagazine: The Truth Is That Threat Hunting Is More Art Than Science

DFLabs’ Vice President of Security Evangelism, Oliver Rochford, with a new article for the Experts Corner by ITSPmagazine titled: “The Truth Is That Threat Hunting Is More Art Than Science”, where he goes into more detail on the threat hunting reality today. Even though organizations now have much better threat hunting technologies and tools than ever, still cyber investigations require human analysis in order to be effective.

Read the full article here.