HackDig : Dig high-quality web security articles for hackers

To Automate or To Reduce the Noise?

If you have followed my blog for a while, you probably noticed that I’m not really active with new content. Most articles are published through the SANS ISC Website, but that does not mean I don’t have content to publish. It’s just a question of time, like for many of us! Recently, I listened to an interesting conversation in a SOC (“Security Ope
Publish At:2020-10-30 09:06 | Read:358 | Comments:0 | Tags:Security Alerts Automation Fatigue SOC

Securing the MSP: best practices for vetting cybersecurity vendors

Ironically, to keep costs low for their enterprise and mid-market clients, managed service providers (MSPs) are some of the most reliant on third-party vendors—including those providing security. While this is generally not an indication of dysfunction or vulnerability, the responsible MSP will be looking with a critical eye while vetting cybersecurity vendo
Publish At:2020-03-11 13:20 | Read:1113 | Comments:0 | Tags:Business cybersecurity vendors enterprise managed service pr

5 tips for building an effective security operations center (SOC)

Security is more than just tools and processes. It is also the people that develop and operate security systems. Creating systems in which security professionals can work efficiently and effectively with current technologies is key to keeping your data and networks secure. Many enterprise organizations understand this need and are attempting to meet it with
Publish At:2019-12-13 16:50 | Read:1325 | Comments:0 | Tags:Business Endpoint Protection incident responder incident res

Discover the secrets of the SOC

Presentation on building effective SOCs (as given at InfoSec Europe 2019 on the interactive workshop track). Simon Crocker, Cisco’s EMEAR lead for SOC Advisory, looks at what goes into making a SOC work effectively. This talk discusses the core SOC requirements around the monitoring and incident response functions, but also touches on some of the other serv
Publish At:2019-09-19 17:35 | Read:1572 | Comments:0 | Tags:Presentations blue team C-Suite conference InfoSec Europe SO

So you want to build a SOC: Lessons from the front line

Presentation on building an effective operational security capability (as given at Cisco Live US/Talos Threat Research Summit 2019). This talk will not help you build a SOC in only 60 minutes, but it will help you build a functional security operation over time. Building a SOC can be daunting. This talk will look at how to pick your fights and the key battle
Publish At:2019-09-19 17:35 | Read:1624 | Comments:0 | Tags:Presentations blue team conference SOC TTRS

CrowdStrike presented the fastest and largest cybersecurity search engine

CrowdStrike Inc., the leader in cloud-delivered endpoint protection, announced the fastest and largest cybersecurity search engine. Security firm CrowdStrike, the leader in cloud-delivered endpoint protection, announced a significant improvement of its Falcon platform that has been integrated with a powerful cybersecurity search engine. According to the com
Publish At:2017-07-26 07:20 | Read:5441 | Comments:0 | Tags:Breaking News Hacking Security CrowdStrike cybersecurity sea

Amplify IT Security by Integrating Solutions

The lowly banana – it’s a great source of potassium. As a stand-alone food source, it’s rather boring. Mono-flavored (like a banana). It’s sometimes squishy or bruised or otherwise imperfect. And it’s often part of a dull breakfast routine (mine). But pair banana slices with bran cereal or use them as the basis for a smoothie, and your taste buds come alive. Let’s cal
Publish At:2016-12-02 05:00 | Read:5486 | Comments:0 | Tags:Featured Articles IT Security and Data Protection FIM integr

A close look at the Italian Cybersecurity National Framework

The Italian model with regard to issues of cyber security and intelligence is in the process of evolution through a NATIONAL FRAMEWORK. The economic and technological systems of Western countries are highly dependent on cyberspace; they require ever more accurate risk analysis and management of threats related to a significant increase in cyber attacks an
Publish At:2016-08-01 08:00 | Read:3748 | Comments:0 | Tags:Breaking News Security csoc cyber security Framework Italy N

What is a SOC (Security Operations Center)?

What is a SOC? What is its mission? What are the security tools and technology components of a SOC? Here are all the answers. A definition: What is a SOC? A Security Operations Center (SOC) is an organized and highly skilled team whose mission is to continuously monitor and improve an organization’s security posture while preventing, detecting, analyzing, a
Publish At:2016-05-24 18:50 | Read:6491 | Comments:0 | Tags:Breaking News Security cyber security cyber threats Pierluig

PART 1: Cyber Threat Intelligence and the SOC Level 1 Analyst

At iSIGHT Partners, we are often asked exactly how cyber threat intelligence benefits different groups within an IT organization. To answer those questions, we are publishing a series of posts on CTI use cases for the SOC Level 1 Analyst, the Incident Responder, the CISO, the Threat Intelligence Analyst, the NOC Analyst, and the team responsible for vulnerab
Publish At:2015-12-16 04:10 | Read:3735 | Comments:0 | Tags:iSIGHT Partners cyber threat intelligence Roles-Based Use Ca

PART 2: Cyber Threat Intelligence and the SOC Level 1 Analyst

Read the first post on this topic here. How the SOC Uses Cyber Threat Intelligence: In our previous post we introduced three use cases of how cyber threat intelligence helps SOC Level 1 analysts. Those use cases are summarized in this table: Figure 1: Cyber Threat Intelligence Use Cases for SOC Level 1 analysts. In this post we discuss exactly how cyber thr
Publish At:2015-12-16 04:10 | Read:4021 | Comments:0 | Tags:iSIGHT Partners cyber threat intelligence Roles-Based Use Ca

Israel is the main source of cyber attacks on Iran

According to a recent report issued by the Mehr news agency, more than 10,000 cyber attacks are detected in Iran every day, mostly from Israel. According to a recent report, more than 10,000 Internet security attacks are detected by cyber security experts in Iran every day, a country that is spending a significant effort
Publish At:2015-09-09 14:00 | Read:3976 | Comments:0 | Tags:Breaking News Cyber warfare Intelligence Reports Security cy

DDoS Extortion – Biting the DDoS Bullet

It started with a five-minute-long DDoS attack which established that the cybercriminals meant business and could cause impact; this small sample attack stopped all business for five minutes. They then sent an email demanding payment of the ransom in bitcoins within 48 hours, otherwise a second and far more damaging DDoS attack would ensue and the ransom amo
Publish At:2015-08-11 02:45 | Read:4692 | Comments:0 | Tags:Cyber Security Assesment DDoS Security DDoS DDoS Analysis DD

Landing a Hands-On Security Gig – Part 1

I have been involved in the hiring process for our Security Operations Center (SOC) for about a year and a half. Throughout this time, I have reviewed resumes, conducted phone screens, and participated in the technical interviewing process. I have been both dumbfounded by the audacity of some individuals and amazed by the sheer awesomeness of rising stars. On
Publish At:2015-07-28 07:55 | Read:4737 | Comments:0 | Tags:Connecting Security to the Business Featured Articles CIRT I

It’s Time to Extinguish the Risk

Risk – it’s a four-letter word senior managers would love to banish from their organizations. Unfortunately, the “washing one’s mouth out with soap” method does not extinguish the type of risk cyber security experts worry about the most. While there are numerous types of risk to discuss, I am going to limit my comments here to the area of compromise because t
Publish At:2015-07-23 05:10 | Read:5029 | Comments:0 | Tags:Featured Articles Risk Management APT IR John Bradshaw risk
