If you conduct digital forensics for incident response internally, what DFIR tools are you using?

Threat Intelligence & Incident Response Threat & Vulnerability Management

3.9k views3 Comments

Sort by:

Chief Technology Officer in Media2 years ago

For internal digital forensics in incident response, widely used tools include EnCase, Sleuth Kit, and Autopsy. These tools facilitate thorough analysis of digital evidence, aiding in identifying, mitigating, and learning from security incidents.

CIO in Education2 years ago

I would say it mainly depends on your industry and the scale you need to apply it to. If you are mid-range why pay for a solution, no matter how advanced and robust it may be, while your threat levels are mid-low? In any case, my proposition would be BINALYZE AIR. So far, I have not faced any inconvenience with it.

Chief Information Security Officer in Finance (non-banking)2 years ago

Encase

Content you might like

Have you put together a cyber security incident response plan flow chart for communications specifically?

Yes40%

Yes, but it needs updating46%

No9%

We're working on one3%

View Results

Are you seeing changes in the quality or speed of threat intelligence from sources you relied on in previous years? Can you share how you are being impacted so far by the uncertainty around public-private partnerships for cyber information sharing?

How can security leaders in smaller organizations stay informed about emerging threats if they don’t have access to formal threat intelligence feeds?

Any examples you can share of effective use cases for threat intelligence beyond cybersecurity? Have you had success applying threat intelligence beyond IT/cybersecurity to increase its ROI or better justify that investment?

For those in healthcare, are medical devices vulnerable to hackers or outside bad actors?

Yes53%

Not yet, but it's possible in the near future33%

No7%

Unsure6%