Top OSS Incident Response Tools
Open-source software (OSS) incident response (IR) tools are publicly available tools enterprises use to effectively manage and respond to numerous security threats.
Cloud security logs are formatted text records that capture events and activities as they occur in a cloud environment, providing insight into what’s happening within that environment in real time.
In this post, we’ll look at some of the differences between MDR and traditional managed services, how MDR functions within organizations, some of the tools it works with for even more effective threat detection and response, and the most important tip for getting the most out of your MDR solution.
An incident response plan is a documented, structured approach that outlines how an organization detects, contains, eradicates, and recovers from cybersecurity incidents.
Detection engineering is the practice of systematically designing, building, testing, deploying, and maintaining threat detection logic to identify malicious activity or unauthorized behavior across an organization's environment.
Incident response automation uses AI and machine learning to detect, triage, and remediate security incidents faster than manual processes allow.
Learn more about incident response playbooks to find gaps in your process. Plus, get free playbooks for your cloud security teams, best practices, and more.
A security operations center (SOC) is a centralized function that combines people, processes, and technology to continuously monitor an organization's IT environment for security threats.
Cloud incident response is a strategic approach to detecting and recovering from cyberattacks on cloud-based systems with the goal of minimizing the impact on your workloads and business operations.
SecOps metrics are trackable bits of data that quantify various aspects of your security operations center (SOC), such as performance or efficiency.
Explore the top best practices for an effective security operations center (SOC).
In this post, we’ll look at where anomaly detection fits into your cybersecurity big picture, some common techniques and use cases, as well as some tips on rolling out anomaly detection without adding to your teams’ workload.
Cloud threat modeling is a systematic approach designed to uncover, evaluate, and rank the potential security vulnerabilities and dangers unique to cloud-based systems and infrastructure.
Cloud forensics is a branch of digital forensics that applies investigative techniques to collecting and evaluating critical evidence in cloud computing environments following a security incident.
A new approach to detect and respond to cloud-native threats
In the cloud, logs are often the only way to get real-time visibility into what's happening, making them critical to any cloud detection and response program.