How not to suck in SIEM implementation
This article will focus mainly on important considerations when it comes to SIEM implementation. It also exposes some oversights during the run phase.
Should we review our cybersecurity basics?
Only a few minutes before the end of 2017, a heavy year on cybersecurity from huge breaches through ransomware spreading and new vulnerabilities disclosers, to new defense technologies loudly evolving all around. I feel however almost tactless when I look the other way around and try to depict all of this in the real-world projects […]
How to actually implement Threat Intelligence
As a starting point, a good basic understanding of possible Treat Intelligence integrations is a must. This will allow us to imagine fitting basic setup and future evolutions as TI operations mature inside the organization. We can form our first TI integration strategy on simple…
Why Equifax and Deloitte attacks detection took months?
Equifax and Deloitte breaches detection took months! Why is it the case for big firms like Equifax & Deloitte? A SOC specialist analysis.
Indicators of Compromise in Threat Intelligence – Let’s speak some InfoSec Jargon
Indicators of Compromise (IOC) are items of forensic data (like information found in event logs or network flows), that highly indicate conceivably nasty activity in an organization’s system…
VEVO’s breach! A SOC specialist point of view
It has been 4 days now that OurMine claimed have been able to leak more than 3TB of corporate information’s from VEVO. As you probably already know, OurMine’s recent targets included also