2024

The MITRE ATT&CK Framework is powerful if …

When managing a Security Operation Center, you will likely be asked how many MITRE ATT&CK tactics and techniques you have covered. At first glance, this might seem straightforward, but the answer is more complex. The MITRE ATT&CK framework is an extensive knowledge base of adversary tactics, techniques, and cyberattack procedures. It provides an incredibly valuable threat detection, response, and mitigation resource.

October 6, 2024

Increasing SOC’s effectiveness with well-defined use cases

The SOC is pivotal in protecting an organization’s digital assets, acting as the nerve center for detecting, investigating, and responding to cybersecurity threats. However, the SOC’s effectiveness is drastically improved with well-defined use cases to guide its operations. A use case provides the SOC with a focused, structured scenario or specific problem to address, ensuring its activities align with the organization’s unique threat landscape and security priorities.

September 15, 2024

Establishing a Cybersecurity Citadel: Forging a Digital Fort Knox

In an era dominated by digital landscapes, where technological advancements continue to reshape how we live and work, the paramount importance of cybersecurity cannot be overstated. As organizations and individuals become increasingly interconnected, the threat landscape evolves in tandem, necessitating a robust and adaptive defense strategy.

February 23, 2024

It’s all about the data

A robust monitoring service, integral to the operations of the IT Security department, is contingent upon the seamless and punctual ingestion of event and flow data. The significance of this timely acquisition cannot be overstated, as it forms the bedrock for proactive threat detection, incident response, and overall cybersecurity resilience.

February 16, 2024

2023

Creating your own virtual playground

In the dynamic and ever-evolving field of cybersecurity, maintaining a proactive approach toward skill development and continuous education is imperative. As a professional in this sector, it is essential not only to stay abreast of the latest advancements but also to actively contribute to the enhancement of your knowledge and expertise.

December 24, 2023

Fluency — An industry disruptor?

As reiterated consistently on this platform, the conventional SIEM solution, primarily relying on signature-based detection methods, has undeniably reached a point of obsolescence. Cybersecurity threats are evolving rapidly, rendering signature-based approaches insufficient in addressing the dynamic and sophisticated nature of contemporary attacks. Despite this, there persists a prevailing belief in the indispensable role of a SIEM solution in fortifying an organization’s cybersecurity posture.

December 3, 2023

When was the most recent instance in which you performed OSINT on yourself?

In our ever more interconnected and digital world, it might, at first, appear counterintuitive to champion the practice of conducting OSINT on the very company you are entrusted to safeguard. However, this seemingly paradoxical notion underscores a fundamental truth in the realm of cybersecurity and corporate defense — if you can access information about your organization through OSINT techniques, so too can malicious actors with potentially nefarious intent.

November 5, 2023

Hey data scientist, are you really listening to the security data?

Protecting your company against the evolving landscape of both current and past threats is a formidable challenge, one that some consider insurmountable. However, it’s crucial to remember that while it may be a daunting task, it should not be perceived as impossible. In fact, it’s imperative to recognize that modern security strategies need to adapt to the ever-changing nature of cyber threats. This adaptation relies on the effective utilization of data generated by security controls, a process that transforms raw data into actionable events.

October 29, 2023