Topics: News, Featured, Threat Management, Security Engineering, MITRE ATT&CK, SecOps
I recently listened to an excellent summary about why MITRE ATT&CK has taken over the SOC world (sorry, it's behind a paywall called "CSO Perspectives," but this blog post is intended to summarize... Read More>>
Topics: News, Featured, Threat Management, Security Engineering, MITRE ATT&CK, SecOps
At Black Hat 2022, our VP of Cyber Defense Strategy was interviewed on Security Guy TV to discuss why MITRE ATT&CK has become a standard way of describing your defensive posture to management as w... Read More>>
Topics: News, Featured, Threat Management, MITRE ATT&CK, SecOps
Summary This blog post summarizes new password stealing and impersonation risks recently discovered for Okta, along with recommended SIEM detection rules and associated MITRE ATT&CK techniques for... Read More>>
Topics: News, Featured, Threat Management, MITRE ATT&CK, SecOps
Summary This blog post summarizes Follina, an RCE zero-day discovered in Microsoft Office. It provides recommended detections in the native query languages for Splunk, Microsoft Sentinel, IBM QRadar, ... Read More>>
Topics: Featured, Threat Management, Security Engineering, MITRE ATT&CK, SecOps
"Organizations need to become more intentional about detection in their SOCs. What should we detect? Do we have use cases for those scenarios? Do they actually work? Do they help my SOC analysts effec... Read More>>
Topics: News, Featured, Threat Management, Security Engineering, MITRE ATT&CK, SecOps, Cloud
Dr. Anton Chuvakin Discusses “20 Years of SIEM – What’s Next?” Learn what Dr. Anton Chuvakin, Head of Security Solution Strategy at Google Cloud and former Gartner Research VP, has to say about questi... Read More>>
Topics: News, Featured, Threat Management, MITRE ATT&CK, SecOps
Spring into action (with SIEM detection rules for Spring4shell) The Spring Framework is an open source application framework that provides infrastructure support for developing Java applications. The ... Read More>>
Topics: News, Featured, Threat Management, MITRE ATT&CK, SecOps
Image credit: World of Dictionary A new player has entered the game The ”Lapsus$” group, unknown before December 2021, has made multiple headlines in recent weeks, following multiple data breaches in ... Read More>>
Topics: Featured, Threat Management, MITRE ATT&CK, SecOps
Welcome to cyber-physical conflict The current situation in Ukraine demonstrates once again how the lines have blurred between cyber and physical conflict. Read More>>
Anton Chuvakin, SIEM expert and former Gartner analyst (now at Google Chronicle) has written a thought-provoking blog post titled "SOC Threat Coverage Analysis — Why/How?". Read More>>
