The Curse of the Medium-Priority Alert
What comes back to bite us when we stop looking?
Dec 15, 2020

Why Log Analysis is Still Our Primary Security Investigation Tool
It started with a moderately prioritized SIEM alert triggered by the firewall allowing external traffic right after the Intrusion…
Dec 1, 2020

Why Security Analytics Should Start With the End in Mind
While many organizations collect data to ‘see what they get’, successful implementations take an analytics first approach
Nov 10, 2020

Four Steps for Faster Security Alert Triage
Discover how to use your existing controls to consolidate alerts and tune severity scores to respond to the highest probability of active…
Sep 22, 2020

Cybersecurity is Like Playing Dungeons & Dragons
How our security operations mirror the fantasy tabletop role-playing game
Sep 8, 2020

Why Security Analysts Don’t Trust Alerts
Think about what it means to be a security analyst. Do you have a picture in mind? The variety is amazing. Some work in mature security…
Aug 26, 2020

Three Impediments to Cybersecurity Operations
Why is Ground Truth so critical for cybersecurity operations?
Aug 11, 2020