If you have followed my blog for a while, you have probably noticed that I’m not really active with new content. Most articles are published through the SANS ISC website, but that does not mean I don’t have content to publish. It’s just a question of time, like for many of us!
Recently, I listened to an interesting conversation in a SOC (“Security Ope
Ironically, to keep costs low for their enterprise and mid-market clients, managed service providers (MSPs) are some of the most reliant on third-party vendors—including those providing security. While this is generally not an indication of dysfunction or vulnerability, the responsible MSP will be looking with a critical eye while vetting cybersecurity vendo
Security is more than just tools and processes. It is also the people that develop and operate security systems. Creating systems in which security professionals can work efficiently and effectively with current technologies is key to keeping your data and networks secure. Many enterprise organizations understand this need and are attempting to meet it with
Presentation on building effective SOCs (as given at InfoSec Europe 2019 on the interactive workshop track).
Simon Crocker, Cisco’s EMEAR lead for SOC Advisory looks at what goes into making a SOC work effectively.
This talk discusses the core SOC requirements around monitoring and incident response function, but also touches on some of the other serv
Presentation on building an effective operational security capability (as given at Cisco Live US/Talos Threat Research Summit 2019).
This talk will not help you build a SOC in only 60 minutes, but it will help you build a functional security operation over time.
Building a SOC can be daunting. This talk will look at how to pick your fights and the key battle
CrowdStrike Inc., the leader in cloud-delivered endpoint protection, announced the fastest and largest cybersecurity search engine.
Security firm CrowdStrike, the leader in cloud-delivered endpoint protection, announced a significant improvement of its Falcon platform that has been integrated with a powerful cybersecurity search engine.
According to the com
The lowly banana – it’s a great source of potassium. As a stand-alone food source, it’s rather boring. Mono-flavored (like a banana). It’s sometimes squishy or bruised or otherwise imperfect. And it’s often part of a dull breakfast routine (mine). But pair banana slices with bran cereal or as the basis for a smoothie, and your taste buds come alive. Let’s cal
The Italian model with regard to issues of cyber security and intelligence is in the process of evolution through a NATIONAL FRAMEWORK.
The economic and technological systems of Western countries are highly dependent on CyberSpace; they require more and more accurate risk analysis and management of threats related to a significant increase in cyber attacks an
What is a SOC? What is its mission? Which are the Security tools and technology components of a SOC? Here come all the answers.
A definition
What is a SOC?
A Security Operations Center (SOC) is an organized and highly skilled team whose mission is to continuously monitor and improve an organization’s security posture while preventing, detecting, analyzing, a
At iSIGHT Partners, we are often asked exactly how cyber threat intelligence benefits different groups within an IT organization. To answer those questions, we are publishing a series of posts on CTI use cases for the SOC Level 1 Analyst, the Incident Responder, the CISO, the Threat Intelligence Analyst, the NOC Analyst, and the team responsible for vulnerab
Read the first post on this topic here.
How the SOC Uses Cyber Threat Intelligence
In our previous post we introduced three use cases of how cyber threat intelligence helps SOC Level 1 analysts. Those use cases are summarized in this table:
Figure 1: Cyber Threat Intelligence Use Cases for SOC Level 1 analysts
In this post we discuss exactly how cyber thr
According to a recent report issued by the Mehr news agency, more than 10,000 cyber attacks are detected by Iran every day, mostly from Israel.
According to a recent report, more than 10,000 Internet security attacks are detected by cyber security experts in Iran every day, a country that is spending a significant effort
It started with a five-minute-long DDoS attack which established that the cybercriminals meant business and could cause impact; this small sample attack stopped all business for five minutes. They then sent an email demanding payment of the ransom in bitcoins within 48 hours, otherwise a second and far more damaging DDoS attack would ensue and the ransom amo
I have been involved in the hiring process for our Security Operations Center (SOC) for about a year and a half. Throughout this time, I have reviewed resumes, conducted phone screens, and participated in the technical interviewing process. I have been both dumbfounded by the audacity of some individuals and amazed by the sheer awesomeness of rising stars. On
Risk – it’s a four-letter word senior managers would love to banish from their organizations. Unfortunately, the “washing one’s mouth out with soap” method does not extinguish the type of risk cyber security experts worry about the most. While there are numerous types of risk to discuss, I am going to limit my comments here to the area of compromise because t