When An Alarm Isn’t Vendors like to create an ocean of alarms in their products so they can dogpile after an event and claim that "they caught it." This article goes through the dangers of false positives in incident response and how to address them. Read more about When An Alarm Isn’tCharles Herring's blogComments6701 reads
Parsing Vendor Claims of APT Detection How to parse the claims vendors make in APT detection. Read more about Parsing Vendor Claims of APT DetectionCharles Herring's blogComments2987 reads