Tips

Cybersecurity Awareness Month always generates helpful dos and don’ts. But instead of the bullet points being something we think about doing, they must become things we do without having to think.

The OpenSSL Project has identified two security vulnerabilities affecting OpenSSL v3.0 and later. Potentially affected users of versions 3.0.0-3.0.6 should upgrade to v3.0.7 as soon as it is reasonable to do so.

Understanding authorization is critical to knowing how role-based access control (RBAC) works for securing Kubernetes. No matter your skill level, you must understand the rules that govern Kubernetes.

Monitoring your Kubernetes environment is important — especially if you’re running production workloads. This post explains what you should be looking for once you’ve collected the audit logs.

More than half our cloud customers use Kubernetes (k8s), which can help companies ship software faster, avoid platform lock-in, and reap cost savings from elastic infrastructure that scales on demand.

As proud Champions of Cybersecurity Awareness Month 2022, we’ve curated some Expel resources to help your organization improve its cybersecurity posture—this October, and beyond.

Looking to reduce the meeting load on your technical teams while maintaining effective communication and collaboration? Learn the tools and tips that our CTO uses to improve his team’s “meeting mojo.”

Cloud-based infrastructures can be confusing, but sometimes building a better security program starts with the basics. Try these pro tips to help focus the lens for detecting threats in AWS.

Establishing metrics is vital. But how do you report progress and have a conversation about what you’re seeing? Are you even looking at the right things? Here are some tips on measuring cybersecurity.

What do you do when you can’t trust the internet? Supply chain attacks like the SolarWinds Orion breach are not new. Here are some things you can do to help prepare and guard against similar attacks.

How can a SIEM help you address your business needs? Do you even need a SIEM? Finding the right answer isn’t easy. Here are some tips to help you make a decision that works best for you.

Attackers love to look to PowerShell to enact their evil plans. Expel’s senior data scientist tells us how she used machine learning to help analysts spot malicious activity in PowerShell quickly.

Red team engagements are essential to helping your SOC analysts stay battle ready. But before screaming, “CHARGE,” here are six things you should do to prepare for taking on a red team.

Switching to a multi-cloud solution? Easy! Just kidding. Expel’s senior detection & response engineer shares some things you need to think about when going multi-cloud – and how to stay sane.

We got a lot of questions about configuring Jupyter notebooks after presenting at Infosec Jupyterthon 2020. See our response along with some tips for incorporating this tech into infosec processes.

Many of us recently became remote workers. Now, more than ever, it’s important for us to understand how to keep our at home networks safe. Here are 10 tips to stay secure at home.

Over the weekend, Expel’s analysts discovered a new way attackers are using Zoom to compromise users’ security. Here’s what they learned and what you can do to avoid getting duped.

There are a few cybersecurity fundamentals that keep us safe … but how do you get the people in your org to adopt them? Our COO Yanek Korff’s got some ideas.

All good cybersecurity policies share some similar traits. Here are our pro tips for creating a solid policy for your own org.

There are four missteps we see happen often that open fast-growing companies up to unnecessary legal risks -- here’s how to course correct.

Need to get the security train back on the tracks? Our CEO’s got some pro tips on improving your org’s security ASAP.

You’re processing loads of data every day...but are you catching it all? Here are tips from our pros for rocking your data auditing.

Election security measures (or lack thereof) are making headlines. How can private sector orgs contribute to public sector security? Our CISO Bruce Potter’s got some ideas.

Why do Amazon S3 bucket breaches happen and how can you protect your own org from making this mistake? We’ve got all the AWS pro tips for you in our latest post.

We use technologies behind the scenes to make Expel Workbench and our analysts more efficient. GreyNoise is one of those -- here's how we use it and why you might find it useful too.

We’ve heard lots of interesting Qs as prospective customers evaluate which solution's right for them... here are the 12 you should be asking.

As attackers behind BEC attacks find ever more clever tactics to use, it’s getting trickier for businesses to protect themselves. But here are some telltale signs you can look for that are tip-offs that something’s amiss.

If your team doesn’t have lots of incident response practice under their belt (yet!), a threat emulation exercise is the perfect way to help them flex those response muscles and improve your collective skills.

Seven smart ways to prepare for a tour of a security operations center (SOC) and five clues to watch out for during your visit.

Here are some of the most frequent ways attackers can use your website and your web presence to harm your company, your users and the public at large.

Use the hunting process to find attackers performing reconnaissance, through actions that aren’t things most users typically do, in your system.

Dive into a typical investigation and see how our analysts triage a Darktrace alert. Plus! We share some of our favorite Darktrace features.

So… what is resilience? We’ll cover that and also how it works in this post. We’ve even thrown in a couple examples to get you started.

A (very) quick overview of the reported WPA2 weakness.

Walk through a practical example of how you can make a weak signal actionable by combining events from your endpoint and network security technologies into one meaningful alert.

The three parts of the investigative mindset and how to apply them when you triage endpoint alerts.

Tactical advice on how to survive a security incident when you don’t have an incident response plan.