Tips
Engineering | 8 min read
Instrumenting the “big three” managed Kubernetes offerings with PythonSecurely accessing Kubernetes APIs on GKE, EKS, and AKS can be a challenge. Get the tools and best practices you need to do it yourself.
Tips | 4 min read
5 tips for writing a cybersecurity policy that doesn’t suckAll good cybersecurity policies share some similar traits. Here are our pro tips for creating a solid policy for your own org.
Tips | 4 min read
Four common infosec legal risks and how to mitigate themThere are four missteps we see happen often that open fast-growing companies up to unnecessary legal risks -- here’s how to course correct.
Tips | 6 min read
Dear fellow CEO: do these seven things to improve your org’s security postureNeed to get the security train back on the tracks? Our CEO’s got some pro tips on improving your org’s security ASAP.
Tips | 6 min read
Five tips for improving your data ingestion and auditing processYou’re processing loads of data every day...but are you catching it all? Here are tips from our pros for rocking your data auditing.
Tips | 4 min read
How public-private partnerships can support election securityElection security measures (or lack thereof) are making headlines. How can private sector orgs contribute to public sector security? Our CISO Bruce Potter’s got some ideas.
Tips | 8 min read
How to find Amazon S3 bucket misconfigurations and fix them ASAPWhy do Amazon S3 bucket breaches happen and how can you protect your own org from making this mistake? We’ve got all the AWS pro tips for you in our latest post.
Tips | 6 min read
Evaluating GreyNoise: what you need to know and how it can help youWe use technologies behind the scenes to make Expel Workbench and our analysts more efficient. GreyNoise is one of those -- here's how we use it and why you might find it useful too.
MDR | 9 min read
12 revealing questions to ask when evaluating an MSSP or MDR vendorWe’ve heard lots of interesting Qs as prospective customers evaluate which MDR provider is right for them... here are the 12 you should be asking.
Tips | 10 min read
Seven ways to spot a business email compromise in Office 365Learn what business email compromise is, BEC scams categories, and how to prevent or identify these spam phishing attacks in Office 365 including mailbox rule examples and more.
Tips | 8 min read
Why we love threat emulation exercises (and how to get started with one of your own)If your team doesn’t have lots of incident response practice under their belt (yet!), a threat emulation exercise is the perfect way to help them flex.
Tips | 6 min read
How to get the most out of your upcoming SOC tour: making your provider uncomfortableIf you’re in the market for an MSSP or looking to keep tabs on your existing provider, visiting their security operations center (SOC) can be a good way to get a sense for what you’re really buying. Let us walk you through how to prepare for your visit to get the most out of your visit.
Tips | 4 min read
Five quick checks to prevent attackers from weaponizing your websiteHere are some of the most frequent ways attackers can use your website and your web presence to harm your company, your users and the public at large.
Tips | 5 min read
How to hunt for reconnaissanceUse the hunting process to find attackers performing reconnaissance, through actions that aren’t things most users typically do, in your system.
Tips | 10 min read
Investigating Darktrace alerts for lateral movementLearn how Darktrace works and read an Expel review and features guide for Darktrace to decide if this AI cybersecurity platform is right for you.
Tips | 3 min read
How to disrupt attackers and enable defenders using resilienceSo… what is resilience? We’ll cover that and also how it works in this post. We’ve even thrown in a couple examples to get you started.