Introduction to DFIR

Comprehensive guide to starting a career in Digital Forensics and Incident Response with practical resources.

January 11, 2016 · 15 min · Scott J Roberts

Intelligence Concepts — The Intelligence Cycle

Explains the Intelligence Cycle’s six steps with hands-on examples from tracking APT groups.

December 16, 2015 · 8 min · Scott J Roberts

FIRST 2015

FIRST 2015 Berlin conference preview with talk recommendations on threat intelligence and incident response.

June 11, 2015 · 6 min · Scott J Roberts

Intelligence Concepts — F3EAD

F3EAD methodology: combining military operations with intelligence cycles for effective incident response.

March 24, 2015 · 4 min · Scott J Roberts

Maltego Transforms for the Lazy

Step-by-step guide to building custom Maltego transforms with Python examples and automation tips.

March 3, 2015 · 6 min · Scott J Roberts

APT is a Who not a What… And Why it doesn’t Matter

A small number of topics get intelligence-driven incident responders incredibly frustrated. Using intelligence to mean smart (I’ll share more about that later this week).

February 16, 2015 · 5 min · Scott J Roberts

Intelligence Concepts - OODA

Understanding the OODA Loop for faster incident response and security decision-making cycles.

January 27, 2015 · 4 min · Scott J Roberts

The Perils of (Mis)Attribution

The challenges of cybersecurity attribution: incomplete data, easy spoofing, and avoiding bias in threat analysis.

January 4, 2015 · 10 min · Scott J Roberts

Using Robots to Fight Bad_Guys

ChatOps for DFIR: Using Hubot to automate security operations through chat interfaces and GitHub workflows.

May 14, 2014 · 5 min · Scott J Roberts