How to
Security operations | 8 min read
How to get started with the NIST Cybersecurity Framework (CSF) 2.0
We give you a quick tour of the NIST CSF and describe how you can baseline your efforts in a couple of hours. So check it out.
Security operations | 8 min read
How much does it cost to build a 24×7 SOC?
Not all 24x7 SOCs are created equal. Here we outline four possible security operations centers and an estimate of your costs.
Security operations | 8 min read
Using JupyterHub for threat hunting? Then you should know these 8 tricks.
Jupyter Notebook gave us the freedom to rethink the way we analyzed hunting data. Here are some tips and tricks you can use in your own analysis.
Tips | 10 min read
Seven ways to spot a business email compromise in Office 365
Learn what business email compromise is, the categories of BEC scams, and how to prevent or identify these spam phishing attacks in Office 365, including mailbox rule examples and more.
Tips | 8 min read
Why we love threat emulation exercises (and how to get started with one of your own)
If your team doesn’t have lots of incident response practice under their belt (yet!), a threat emulation exercise is the perfect way to help them flex.
Security operations | 4 min read
How to start a cybersecurity program (or restart one that lapsed)
If you're left holding the hot potato of a legacy lackluster security program, or are suddenly forced to protect your org and its data with less, here are a few quick steps to take to get cybersecurity efforts back on track.
Security operations | 3 min read
Three tips for getting started with cloud application security
If you're feeling like your SaaS security knowledge is a bit cloudy, these three pro tips will get you started on the right path.
Security operations | 3 min read
Office 365 security best practices: five things to do right now to keep attackers out
Here are five Office 365 security best practices to check out right now.
Tips | 6 min read
How to get the most out of your upcoming SOC tour: making your provider uncomfortable
If you’re in the market for an MSSP or looking to keep tabs on your existing provider, visiting their security operations center (SOC) can be a good way to get a sense for what you’re really buying. Let us walk you through how to prepare so you get the most out of your visit.
Security operations | 7 min read
Getting a grip on your cloud security strategy
Understanding how to think about cloud security differently is half the battle. At Expel, we've thought a lot about it, and we’ve identified three key points that should inform your cloud strategy.
Tips | 4 min read
Five quick checks to prevent attackers from weaponizing your website
Here are some of the most frequent ways attackers can use your website and your web presence to harm your company, your users and the public at large.
Tips | 5 min read
How to hunt for reconnaissance
Use the hunting process to find attackers performing reconnaissance in your system, through actions that most users don’t typically do.
Security operations | 12 min read
A common sense approach for assessing third-party risk
Let us walk you through our third-party assessment process. We think it's lightweight but still achieves the objective - determining if a vendor can be trusted. And, as a bonus, we're providing the third-party questionnaire and emails we use so you can download them and get going right away.
Security operations | 7 min read
Lessons learned from a CISO’s first 100 days
In this guest post, Amanda Fennell, CSO at Relativity, reflects on what she’s learned -- I recently finished my first 100 days as Chief Security Officer (CSO) of Relativity. I’ve learned a lot. And while every new CSO faces unique challenges, I’ve come up with some recommendations to help new CSOs.
Talent | 9 min read
A beginner’s guide to getting started in cybersecurity
Our list of five things you can do to take the first steps to an entry-level technical cybersecurity career and more.
Security operations | 8 min read
What “I Love Lucy” teaches us about SOC performance
A little nerdy (and a lot math-y) post to help you better understand your SOC's systems, so you know how changes will impact its operation.
Tips | 3 min read
How to disrupt attackers and enable defenders using resilience
So… what is resilience? We’ll cover that and also how it works in this post. We’ve even thrown in a couple examples to get you started.
