Planning

Red team engagements are essential to helping your SOC analysts stay battle ready. But before screaming, “CHARGE,” here are six things you should do to prepare for taking on a red team.

Whether you work in security or are an informed voter (or both!), the security of our election ecosystem is everybody’s business. Here are the challenges our system faces and what we can do about them.

There’s lots to like about the NIST CSF. Here are our practical tips for how to use it, plus a preview of a new NIST feature we introduced in Expel Workbench™.

We love EDR tools too, but here are our best tips and tricks for combining EDR data with other (equally) important security signals.

What’s this new framework and how should you use it? Our CISO’s got all the details plus a FREE downloadable self-scoring tool to help you assess where your org’s at when it comes to privacy.

Is your data really safer in the server room next door? Probably not. Here are five reasons why the cloud offers better security than your on-prem environment.

Wondering what it takes to build an effective SOC full of motivated, happy analysts? We’ve got some thoughts on that.

NIST isn’t only useful for corporations -- it’s helpful for guiding security activities around processes like our national elections. Our CISO’s got some thoughts on exactly how to apply NIST to election security.

All good cybersecurity policies share some similar traits. Here are our pro tips for creating a solid policy for your own org.

Relativity CSO Amanda Fennell shares the top five, easy-to-get-started things she sees forward-thinking law firms doing to improve their security.

If you use or are considering trying JupyterHub, it’s your lucky day -- we’re sharing configuration tips and tricks, how we’re using it to make technical research easier, and much more.

So you decided you want to build a threat hunting program ... but where do you start? Here are our three must-dos when you’re planning your hunt.

SOAR isn’t really about “orchestration and response.” It’s an engineering problem at its core. Here’s why.

Your IT team isn’t racking and stacking servers like they used to, but cracking the cloud security code is easier than you think. Get our pro tips for doing just that.

If you’ve got a blank canvas with the opportunity to build a security program from scratch, here’s how to get started and make the most of your new program

The NIST Privacy Framework will revolutionize how we think about privacy. Here’s how your org might use it.

Practice these habits consistently and you’ll have an engaged, talented and all-around awesome security team.

Need to expand your security tool chest? Our CISO’s got some tips to consider when thinking about what tech to keep or buy.

There are four missteps we see happen often that open fast-growing companies up to unnecessary legal risks -- here’s how to course correct.

Need to get the security train back on the tracks? Our CEO’s got some pro tips on improving your org’s security ASAP.

Election security measures (or lack thereof) are making headlines. How can private sector orgs contribute to public sector security? Our CISO Bruce Potter’s got some ideas.

We’ve heard lots of interesting Qs as prospective customers evaluate which solution's right for them... here are the 12 you should be asking.

If you're left holding the hot potato of a legacy lackluster security program, or are suddenly forced to protect your org and its data with less, here are a few quick steps to take to get cybersecurity efforts back on track.

If you're feeling like your SaaS security knowledge is a bit cloudy, these three pro tips will get you started on the right path.

Close common compliance gaps, without building a SOC, for NIST 800-171 security requirements. And a bit about how we can help.

Seven smart ways to prepare for a tour of a security operations center (SOC) and five clues to watch out for during your visit.

Understanding how to think about cloud security differently is half the battle. We've thought a lot about it, and we’ve identified three key points that should inform your cloud strategy.

Oh Noes! is a role-playing game designed to help you and your organization become better prepared to respond to cybersecurity incidents.

Let us walk you through our third-party assessment process. We think it's lightweight but still achieves the objective - determining if a vendor can be trusted.

In case doing a “stare-and-compare” of the original and updated frameworks isn’t your idea of fun, I’ve highlighted three important changes here.

We give you a quick tour of the NIST Cybersecurity framework and describe how you can baseline your efforts in a couple of hours. So check it out.

Not all 24x7 SOCs are created equal. To figure out how much it costs to go 24x7, you have to first figure out what kind of SOC you’re trying to build. We outline four possible security operations centers and an estimate of your costs.

NIST has polished up their Cybersecurity Framework based on thousands of organizations implementing it over the past three years. Our CISO, Bruce Potter, highlights three of the most significant (and practical) changes.

Guidance and a short list of things you can do to help you answer the common question "how much should I spend on cybersecurity?"

Tactical advice on how to survive a security incident when you don’t have an incident response plan.