What is Digital Forensics and Incident Response (DFIR)?
Digital forensics is the cybersecurity process of gathering digital evidence and responding to a cyberattack.
Greg Zemlin
Greg is a dedicated member of the Wiz Product Marketing team, where he brings his expertise in Cloud Detection and Response. For the better part of the last decade, Greg has contributed to the development of detection and response products, holding key roles in Product Marketing and Product Management. Outside of his professional endeavors, Greg values quality family time with his family and has a passion for CrossFit.
Greg Zemlin Articles
The 13 Must-Follow Threat Intel Feeds
A threat intel feed, or threat intelligence feed, provides a continuous incoming flow of data related to cyber threats and risks.
The Top 8 OSS Threat Intelligence Tools
In this blog post, we’ll shine a light on the top OSS threat intelligence platforms and tools that enterprises can integrate into their security stack.
MTTD and MTTR in Cybersecurity Incident Response
Most incident response teams measure both MTTD and MTTR to not only shorten attackers’ dwell times in their systems but also to gauge the team’s readiness to combat future security incidents and then optimize response times.
Attack Path Analysis (APA) Explained
Attack path analysis (APA) is a cybersecurity technique that identifies and maps how potential attackers could infiltrate your network and systems
What is the MITRE ATTACK framework?
MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a cybersecurity framework that helps enterprises fortify themselves against cyber threats.
What is Defense Evasion According to MITRE?
MITRE ATT&CK®, a publicly available security toolkit that helps enterprises overcome cyber threats, defines defense evasion as a way for malicious actors to evade detection during an attack.
Cloud Threat Hunting Explained
Threat hunting involves a systematic, continuous search to find and eliminate malicious activity within an organization’s environment.
Cloud Investigation and Response Automation (CIRA)
Cloud investigation and response automation (CIRA) harnesses the power of advanced analytics, artificial intelligence (AI), and automation to provide organizations with real-time insights into potential security incidents within their cloud environments
Threat Detection and Response (TDR) Explained
Threat detection and response (TDR) is a set of continuous processes that proactively search for cyberattacks and respond to them in real time.
What is Cloud Detection and Response (CDR)?
Cloud detection and response is the process of identifying and mitigating security threats or incidents in cloud environments through monitoring, analysis, and automated or manual actions.
CDR vs EDR vs XDR: What's the difference?
Wade through the alphabet soup of detection and response technologies to understand where they overlap and how they differ.
Cryptojacking Explained
Cryptojacking is when an attacker hijacks your processing power to mine cryptocurrency for their own benefit.
What is Privilege Escalation?
Privilege escalation is when an attacker exploits weaknesses in your environment or infrastructure to gain higher access and control within a system or network.
How to Draw Up an Incident Response Policy: An Actionable Checklist for Cybersecurity Professionals
Learn how to create your own company incident response policy to prepare and prevent against an attack on your IT systems in this complete guide.
Agentless vs. Agent-Based Security: Which is Better for the Cloud?
Agentless and agent-based systems are both valid approaches for cloud security. There is no single right answer when deciding which to choose, as each comes with its own advantages and drawbacks.
Greg Zemlin Posts
Ta Da! The Wiz Runtime Sensor is now available in Wiz for Gov (FedRAMP)
We are excited to announce the addition of the Wiz Sensor to Wiz for Gov’s ATO. The lightweight eBPF based sensor improves risk prioritization, deepens threat detection, and adds runtime protection for container hosts and VMs.
Introducing Hybrid File Integrity Monitoring
Enhance your security with Wiz’s new hybrid File Integrity Monitoring (FIM) solution, combining agentless and runtime capabilities for comprehensive file monitoring.
Custom runtime rules and runtime response policies: new layers of defense
Wiz's custom runtime rules and runtime response policies add new layers to your defense-in-depth strategy.
Expanding coverage with Linux runtime
Wiz announces its Runtime Sensor for Linux, expanding coverage of threat detection and response for cloud workloads.
Defense in depth: XZ Utils
We explore assessment, prevention, and detection strategies for protecting your organization from the XZ Utils vulnerability.