Tips | 5 min read
How to hunt for reconnaissance

Use the hunting process to find attackers performing reconnaissance in your system by looking for actions that most users don't typically perform.

Security operations | 12 min read
A common sense approach for assessing third-party risk

Let us walk you through our third-party assessment process. We think it's lightweight but still achieves the objective - determining if a vendor can be trusted. And, as a bonus, we're providing the third-party questionnaire and emails we use so you can download them and get going right away.

Tips | 10 min read
Investigating Darktrace alerts for lateral movement

Learn how Darktrace works and read an Expel review and features guide for Darktrace to decide if this AI cybersecurity platform is right for you.

Security operations | 5 min read
What is (cyber) threat hunting and where do you start?

We want to demystify what threat hunting is and what it’s not. So here goes nothin’ ...

Security operations | 8 min read
How to get started with the NIST Cybersecurity Framework (CSF)

We give you a quick tour of the NIST CSF and describe how you can baseline your efforts in a couple of hours. So check it out.

Tips | 7 min read
From webshell weak signals to meaningful alert in four steps

A practical example of how you can make a weak signal actionable by combining events from your endpoint and network security tech into one meaningful alert.