Russ McRee's HolisticInfoSec.org is dedicated to sharing information security content and resources in an open, clear manner, with the hope of helping improve infosec for all who seek to do so. Information security is best broken down to the most simple components: best practices and common sense. The threat-scape facing an information security practitioner is perpetually dynamic; we must adapt and evolve as do those threats. Holisticinfosec.org endeavors to aid in that process through dynamic content and timely topics in ISSA Journal's toolsmith. As well we know, those who would do harm never rest: protect your own.

Practice simplicity
Seek to be proactive, rather than reactive
Think creatively, but adhere to standards
Employ best practices

Russ will be presenting Incident Response in Virtual Environments: Challenges in the Cloud, with Bryan Casper, at the 22nd Annual FIRST Conference in Miami, on Thursday, June 17, 2010, 1300-1400.

Abstract

Incident response in large production environments is challenging enough. Add layers of virtualization, a constantly dynamic state, as well as a broad external customer base and the challenges deepen exponentially.

This presentation aims to provide recommendations and guidance based on experience and information gathered while conducting incident response in such environments including large virtualized caching networks and cloud-based services. Logging, tooling, forensic methods, and egress-based network security monitoring are amongst the topics to be discussed. This presentation also intends to allow active discussion with participants to share their experiences.