Full Disclosure: Re: Security Incident Response Testing To Meet Audit

Re: Security Incident Response Testing To Meet Audit

From: Charles Polisher <cpolish () gmail com>
Date: Fri, 10 Dec 2010 20:52:22 -0800

Adam Behnke wrote:

Hi everyone, InfoSec Institute author Russ McRee has written up an overview
on tools to ensure maximum readiness for incident response teams, including
drill tactics. PCI-DSS audits often require IR testing validation; drill
quarterly and be ready next audit cycle.

http://resources.infosecinstitute.com/incident-response-and-audit-requirements/

Please let me know your thoughts.


  "Remember that you're playing with binaries that will likely cause
   antivirus to fire."

I take issue with this statement. Tonight I tested $VENDOR's
up-to-date anti-virus against 10 day-old malware samples captured
from the wild - the detection rate was abysmal (225/539).
Maybe your AV is better than mine.

--
Charles Polisher

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Re: Security Incident Response Testing To Meet Audit Charles Polisher (Dec 12)
- Re: Security Incident Response Testing To Meet Audit Christian Sciberras (Dec 12)
  - Re: Security Incident Response Testing To Meet Audit cpolish (Dec 12)
- Re: Security Incident Response Testing To Meet Audit Jeffrey Walton (Dec 12)
  - Re: Security Incident Response Testing To Meet Audit Jeffrey Walton (Dec 12)
    - Re: Security Incident Response Testing To Meet Audit Line Noise (Dec 13)