Author: Williams, F.; Varol, C.; Rasheed, A.; Shashihar, N.
Title: Threat Landscape Expansion during Covid-19: Remote Incident Response Handling Cord-id: ys7v1pdw Document date: 2021_1_1
ID: ys7v1pdw
Snippet: This paper provides an automated remote incident handling solution for an Information Security organization that rushed to become work-from-home type businesses because of Covid-19. This paper demonstrates a suitable solution to solve two separate problems. The first problem is to develop a method to enhance both incident response and threat hunting remotely. This is accomplished by developing a triggering mechanism based on the Microsoft Windows Defender antivirus system. The trigger subsequent
Document: This paper provides an automated remote incident handling solution for an Information Security organization that rushed to become work-from-home type businesses because of Covid-19. This paper demonstrates a suitable solution to solve two separate problems. The first problem is to develop a method to enhance both incident response and threat hunting remotely. This is accomplished by developing a triggering mechanism based on the Microsoft Windows Defender antivirus system. The trigger subsequently executes a snapshot of the workstations condition for use by the cybersecurity professionals to determine if this is a false positive or a true positive event. The second problem attempted to solve the issue is to create a local logging mechanism to assist with basic forensics analysis of the remote worker's activity. In a typical enterprise environment, this solution can be utilized efficiently by either a remote desktop protocol or by simply physically picking up the device for further analysis. © 2021 IEEE.
Search related documents:
Co phrase search for related documents- Try single phrases listed below for: 1
Co phrase search for related documents, hyperlinks ordered by date