Last updated at Thu, 31 Aug 2017 14:18:17 GMT
We did a webcast with @hrbrmstr @gdbassett from the Verizon team last week, discussing how to get started VERIS, the Vocabulary for Event Recording and Incident Sharing.
If you missed that webcast- check it out!
If you joined us, thanks for coming out. We've attached an Excel spreadsheet with a couple of examples to help you get started at VERIS level 2, a couple of layouts to consider using... and we will be providing some updates. Special thanks to Judy Nowak for her hard work on the spreadsheet -- be looking for a blog post from her in the near future!
On our webcast, we did a (laughably un-)scientific survey of how folks were tracking incidents in their organization. There's going to be a sample bias, but the questions we asked here would be useful with your own management.... so discuss them with your team and boss!
Here are some additional resources for getting started with VERIS:
- What is VERIS?
- The VERIS Community Website
- The VERIS Encoder, built to migrate from a standard CSV to JSON for more advanced analysis.
- Verizon's Security Blog
- Verizon's DBIR & VERIS team's GitHub page
If you fancy yourself hungering for something a bit more technical and have data you're ready to play with- here are VERIS R Resources:
- https://github.com/vz-risk/veris
- https://github.com/vz-risk/veris_scripts
- https://github.com/jayjacobs/verisr/
- https://github.com/vz-risk/VERISAG
- https://securityblog.verizonenterprise.com/?p=7212
UPDATE: 13 November -- Gabe recorded a video on getting started analyzing incidents using VERIS in Microsoft Excel
If you'd like to work through the example, use the VERISMM example file attached below!
If you've got questions, let us know! We'll be posting more content to help you get rolling shortly.