Author: venkat

Venkat is founder of FlexibleIR. He brings 20 years of experience in building tools and products at Sun Microsystems, Intel, Novell, HP, Yahoo,Tesco and startups. He has developed test suites and frameworks for post silicon validation of the Xeon processor family (Fuzzing). He has worked deeply on UFS files system at SUN Microsystem. Was a security paranoid at Yahoo.
March 31, 2025

About FlexibleIR

Organizations of all sizes — from start-ups and large enterprises to governments and public sector organizations — can use FlexibleIR to get prepared for handling cyber attacks on premise and in the cloud. We help you build modern day cyber Resilience capabilities using our innovative visual approaches. We serve from IT to OT.

March 12, 2025

Bank Customer and User Awareness – Incident Response Readiness

Here we try to give steps on what a customer on realising that his/her bank is impacted by a crisis should ideally do. This could be a cyber attack like Ransomware or any man made or natural disaster. First is to remain calm. Monitor for any email/sms/social media updates from the Bank. Avoid panic with drawls of more than required/essential needs. Here is an clear […]

March 3, 2025

SEBI – CSCRF Simulation and TableTop Exercise program implementation

Annexure-E: Scenario-based Cyber Resilience Testing This is a sample template for Stock Exchange. REs are encouraged to make their scenarios in consultation with their IT Committee for REs. Sample scenarios that are targeted to cover in Cyber Response plan as well as Cyber Resiliency Testing(Types of Attack × Potential Targeted Time intervals- On Core Systems): WHY THIS HAS BEEN GROUPED INTO TIME ZONES Timing and […]

March 2, 2025

Tracking Weekly active Ransomware families – IT & OT

Being adversarial focused is key as part of the organization resiliency preparedness perspective. Here we give you links that you can do adversarial tracking regularly to move towards Predictive Ransomware Incident Response. IT Ransomware watch OT Ransomware groups General

February 17, 2025

Playbook to respond and mitigate Abyss Ransomware

If under attack, quickly do the scoping and plan for containment. Download few authoritative Write-Up (See below references) for the ABYSS Ransomware Variant(s) Encountered. Harvest additional Indicators from the Report(s). Mobilize the team and remember to take as much help as possible. You can customise our baseline playbooks Practice your TableTop exercise with FlexibleIR About This Threat Profile If you were impacted by this attack […]

November 23, 2024

Innovative Customer Engagement for a cyber Incident Response, Crisis and Resiliency company.

PREPAREDNESS to handle an cyber attack if it happens NOW is key for every organisation. This is foundational to every Enterprise today. The engagements have to be FUN while learning. Humor can add in a lot of value. Below are a few strategies which we found very effective over the last 7 years. Customer engagement requires active participation from customers. FlexibleIR creates the channels and […]

November 14, 2024

Playbook – Incident response for AI&ML Threats

Imagine a world where machines can diagnose diseases, write captivating novels, and even hold conversations that feel human. That’s the promise of Artificial Intelligence (AI) and Machine Learning (ML). AI refers to the broad field of computer science dedicated to creating intelligent machines, while Machine Learning is a specific technique where algorithms learn from data to improve their performance on a specific task. These technologies […]

November 14, 2024

Microsoft Azure Incident Response Use cases and Playbooks – Sentinel

A large number of Enterprises today run on Microsoft technologies, Azure cloud platform and security logging platforms as Sentinel. Responding diligently to alerts triggered due to abnormality and intrusion detections is key to avoid major crisis like Ransomware attacks and Data exfiltrations followed by publish on dark web. The below use cases are critical to identifying any of the early, middle, and end-stage operations of […]

November 7, 2024

Ransomware Recovery –  Isolated Recovery Environment (IRE)

This is required in worst-case scenarios of Ransomware attacks where everything including DR and Backups has failed. This is a critical part of your recovery strategy. Also known as a cyber recovery “clean room”. Understanding normal Disaster Recovery vs. Ransomware Disaster Recovery is key