Dan is the founder and CEO of Pulsedive, and has previous industry experience in incident response, security engineering, security operations, and over 10 years of development experience.
Vetting Threat Intelligence
If your organization has ever gotten an alert for “facebook.com” because someone didn’t vet indicators of compromise properly somewhere along the chain between threat intelligence generation by a third-party and consumption by your security infrastructure, you’re not alone. Facebook might be an extreme example, but it’s
Your Password Policy Doesn't Work
Your employer’s password policies are stupid and you know it. If for some reason you love your employer’s password policies, then hopefully you will be disappointed by the end of this post, but first let me clarify which password policies I’m talking about. > Bad Password Policy – a
Should You Pay Hacker Ransom?
If you haven’t heard by now, Uber paid hackers [https://www.bloomberg.com/news/articles/2017-11-21/uber-concealed-cyberattack-that-exposed-57-million-people-s-data] $100,000 in ransom last year in exchange for deleting the stolen personal information of 57 million victims. Hackers have also been know to demand ransom for DDoS attacks [https://www.bleepingcomputer.
What is Threat Intelligence?
A quick Google search suggests that a consensus has not quite been reached on defining the term “cyber threat intelligence.” There are some blog posts (yep, this one too) and even white papers attempting to assign some specifics or even trying to define threat intelligence by defining what it isn’