Tips | 5 min read
How to hunt for reconnaissance
Use the hunting process to find attackers performing reconnaissance in your system by looking for actions that most users don't typically take.
Security operations | 12 min read
A common sense approach for assessing third-party risk
Let us walk you through our third-party assessment process. We think it's lightweight but still achieves the objective - determining if a vendor can be trusted. And, as a bonus, we're providing the third-party questionnaire and emails we use so you can download them and get going right away.
Tips | 10 min read
Investigating Darktrace alerts for lateral movement
Learn how Darktrace works and read an Expel review and features guide for Darktrace to decide if this AI cybersecurity platform is right for you.
Security operations | 5 min read
What is (cyber) threat hunting and where do you start?
We want to demystify what threat hunting is and what it’s not. So here goes nothin’ ...
Security operations | 8 min read
How to get started with the NIST Cybersecurity Framework (CSF)
We give you a quick tour of the NIST CSF and describe how you can baseline your efforts in a couple of hours. So check it out.
Tips | 7 min read
From webshell weak signals to meaningful alert in four steps
A practical example of how you can make a weak signal actionable by combining events from your endpoint and network security tech into one meaningful alert.