#IncidentManagement

2026-02-01

A solo founder is building PathFinder AI, an incident intelligence platform that helps small ops/IT teams reduce alert overload. Highlights: urgency scoring, incident pattern detection, and explanations of why something is prioritized. Currently in private beta, not selling anything; looking for feedback from people who have experienced alert fatigue. #AI #IncidentManagement #Ops #CôngNghệ #CảnhBáo #PhảnHồi

reddit.com/r/SaaS/comments/1qt

2026-01-31

CNA disclosed an external system breach affecting 5,875 individuals, involving unauthorized access and exposure of personal identifiers with additional sensitive data.

Notification timing remains pending, while 12 months of credit monitoring and identity theft protection are being offered. The case highlights ongoing challenges around breach confirmation and third-party coordination.

What controls help reduce discovery gaps in financial environments?

Follow @technadu for factual breach reporting.

Source: maine.gov/agviewer/content/ag/

#InfoSec #FinancialCyber #IncidentManagement #DataBreach #Privacy #TechNadu

CNA Discloses Data Breach Affecting Nearly 5,900 Individuals
Ismail Kovvuru (@ismailkovvuru)
2026-01-21

The 2024 CrowdStrike outage caused a worldwide Windows Blue Screen crash, impacting airlines, banks, and enterprises.
This deep dive explains how DevOps & SRE teams mitigated impact, recovered systems, and prevented total failure.
🔗 shorturl.at/VLqxz

2026-01-02

Inha University disclosed a ransomware incident that temporarily disrupted services and was reported to KISA and the Personal Information Protection Commission. Systems were restored within the same day, while claims of internal data exposure by a ransomware group remain under investigation.

The incident reflects ongoing challenges in securing academic environments that combine legacy systems, personal data, and open-access infrastructure.

What controls should higher education prioritize against ransomware?

Engage in discussion and follow @technadu for factual InfoSec coverage.

#InfoSec #RansomwareDefense #HigherEdSecurity #IncidentManagement #DataProtection #TechNadu

Inha University's website crashes after ransomware attack; "Recovery complete."
2025-12-30

🚀 Launched a Slack bot that automates incident management!
🔹 `/incident start` creates a "war room" channel and pages on-call.
🔹 Debug in the channel; the bot records every message.
🔹 `/incident resolve`: AI analyzes and drafts the postmortem.
🔹 Integrates on-call scheduling, escalation, Jira & PagerDuty.
🛠️ Stack: TypeScript, Slack Bolt, Prisma, PostgreSQL, OpenAI.
🔄 Currently in a 2-week trial, feedback welcome!

#Slack #Bot #IncidentManagement #CôngCụ #QuảnLýSựCố #DevOps #AI #OpenAI

reddit.com/r/SideProje

Inautilo (@inautilo)
2025-10-29


The Pragmatic Engineer 2025 Survey (Part 3) · Which tools do software engineers use today? ilo.im/167n2s


2025-10-26

In 2026 there will again be a #GI-SPRING graduate workshop of the special interest group Security - Intrusion Detection and Response (SIDAR). This time it takes place on April 21 and 22, 2026 in #Heidelberg.

Topics include #VulnerabilityAssessment, #ThreatIntelligence, #IntrusionDetection, #Malware, #IncidentManagement, #WirelessSecurity, #DigitalForensics, etc.

Submissions are accepted until March 15, 2026.

spring.fg-sidar.gi.de

#CyberSecurity #Conference

2025-10-20

Today's AWS outage was a stark reminder: what happens when the tools you rely on to manage incidents... are part of the incident?

When Slack, Zoom, PagerDuty, and even Statuspage are impacted, how do you get your response team re-connected to solve the underlying problem? Once they're talking to each other, they can improvise a response, but that first step of re-establishing contact is critical.

This isn't just a hypothetical. It's a real-world scenario that can paralyze even the most prepared organizations. Relying on a plan that's tucked away in a long-forgotten document is a recipe for disaster.

Here's what I recommend to the leaders I advise:

🔹 Have a "Rally Point" Plan: Don't just have a backup concept; have a pre-defined, communicated, and accessible fallback plan. Every second counts in an incident, and you can't waste time figuring out where to communicate. If you normally use Slack and Zoom, then think Google Meet or Microsoft Teams for your backup, and vice versa. Maybe even an old-fashioned conference call bridge. The key is that everyone knows where to go, when the normal places aren't working.

🔹 Make it Accessible: Your plan is useless if it's on a server that nobody can get to at the moment. Laminated wallet cards, a shared password vault with offline access, or a regularly updated file on every employee's laptop are all viable options.

🔹 Practice, Practice, Practice: Fire drills aren't just for fires. Run drills for your fallback communication plan. This ensures everyone remembers it exists and that the mechanisms still work.

🔹 Don't Forget Security: Assume that your fallback channel is compromised, and that outsiders are listening in. Use it just as a rendezvous point to direct responders to more secure, authenticated channels, where you can validate every participant. Don't discuss sensitive information in the open.

Incidents are costly, not just in revenue, but in reputation and team morale. Proactive preparation isn't a luxury; it's a necessity.

What's your team's communication fallback plan? Share your thoughts in the comments below. 👇

#IncidentManagement #BusinessContinuity #SiteReliability #DevOps #AWSOutage

Ismail Kovvuru (@ismailkovvuru)
2025-10-19

In DevOps, the real differentiator at 2 AM isn’t just the tech stack—it’s the soft skills that hold the line. Explore actual incident stories, unexpected lessons, and the human side of DevOps in “DevOps Soft Skills That Save You at 2 AM”.
Read more: shorturl.at/NabPS

Dissent Doe :cupofcoffee: (@PogoWasRight@infosec.exchange)
2025-10-10

Some folks may recall my anger on August 18 over a vendor who wasn't responding to alerts about exposing their clients' data. The data included court files or records that were confidential or even sealed. At the time, researchers had discovered two entities that were exposed. They subsequently discovered more.

Yesterday, the vendor -- who had even ignored a call from the FBI -- finally secured one of the two after the client finally reached them on the phone.

The vendor told them they had fixed the problem. But did they?

[SPOILER ALERT: No.]

You won't believe what happened next, or maybe you will, but you'll have to stay tuned for this story, which has now gotten astronomically bigger because not only were the data still not secured but the vendor -- after claiming that the researchers had used hacking techniques to access unsecured data -- inexplicably sent the client a list of ALL of vendor's clients with their technical details AND ALL OF THEIR LOGIN CREDENTIALS.

[WTF!?]

I have never been as tempted to issue an actual press release warning all entities about a specific vendor, but... wow.

Stay tuned. Eventually, I will write this all up, but first, I want to hear what the client's lawyers and insurers decide to do to hold the vendor accountable.

(August 18 post: infosec.exchange/deck/@PogoWas)

#databreach #dataleak #incidentresponse #incidentmanagement #thirdparty #vendor #accountability

@zackwhittaker @aj_vicens @politico

N-gated Hacker News (@ngate)
2025-10-03

🚀 Behold, the ultimate library for the technical leader who can’t lead without a script! 🌟 With over 1,000 , you can now master the art of telling others what to do while pretending to manage incidents like a pro. 📚 Perfect for those who need a step-by-step guide to breathe in the world of tech leadership. 🦆
debuggingleadership.com/stdlib

IncidentHub (@incidenthub)
2025-08-09
The new, updated list of incident management tools for 2025 is here.

Release It! by Michael T. Nygard

"Manage perceptions after a major #incident. It’s as important as managing the incident itself."

#IncidentManagement #readwise

Dissent Doe :cupofcoffee: (@PogoWasRight@infosec.exchange)
2025-07-04

In August 2020, @SchizoDuckie and I published what was to become the first of a series of articles or posts called "No Need to Hack When It's Leaking."

In today's installment, I bring you "No Need to Hack When It's Leaking: Brandt Kettwick Defense Edition." It chronicles efforts by @JayeLTee, @masek, and me to alert a Minnesota law firm to lock down their exposed files, some of which were quite sensitive.

Read the post and see how even the state's Bureau of Criminal Apprehension had trouble getting this law firm to respond appropriately.

databreaches.net/2025/07/04/no

Great thanks to the Minnesota Bureau of Criminal Apprehension for their help on this one, and to @TonyYarusso and @bkoehn for their efforts.

#dataleak #misconfiguration #incidentresponse #incidentmanagement #responsibledisclosure #securityalert #infosec

Dissent Doe :cupofcoffee: (@PogoWasRight@infosec.exchange)
2025-06-19

The Information and Privacy Commissioner of Ontario has completed a review into Daixin Team's massive cyberattack on five regional hospitals in 2023 and found hospital officials acted “adequately.”

Perhaps the most notable aspect of the report (from my perspective) was that the IPC said the hospitals were obligated to notify patients whose data had been encrypted (and not just those whose data had been exfiltrated). They saw no point in requiring that now, but wanted it noted that it should have happened.

So that seems to be making PHIPA's interpretation clearer for future victims of encryption incidents.

The full report makes an interesting read.

PHIPA Decision 284:
decisions.ipc.on.ca/ipc-cipvp/

#PHIPA #notification #incidentmanagement #databreach #ransomware

studio craque 54 🏳️‍🌈 (@dtauvdiodr@c.im)
2025-05-28

"If you focus too narrowly on preventing the specific details of the last incident, you’ll fail to identify the more general patterns that will enable your future incidents."

Great blog post from @norootcause

surfingcomplexity.blog/2025/05

#SRE #IncidentManagement #Resilience #Reliability

Dissent Doe :cupofcoffee: (@PogoWasRight@infosec.exchange)
2025-05-24

B.C. health authority faces class-action lawsuit over 2009 data breach

databreaches.net/2025/05/24/b-

Let's see... they didn't prevent breaches, they didn't detect breaches on their own, and they didn't notify 20,000 employees timely or provide any mitigation services timely or at all.

But can plaintiffs prevail?

#databreach #infosec #cybersecurity #incidentmanagement #litigation

@privacylawyer
