In an earlier blog post we looked at how security operations centre (SOC) teams can shift their services up a gear, through better automation, behavioural analysis and threat hunting. The concept of threat hunting isn’t new to security operations; yet, it’s one of the most misunderstood functions a SOC team performs.
Read MoreThis blog looks at how cyber drills using your SIEM deliver enhanced learning outcomes for your SOC team.
Read MoreThis blog looks at the increasing volume and frequency of software upgrades and explores how your information security team can take control of the change process and improve situational awareness.
Read MoreThis blog post looks at the Hybrid SOC model, what it is and why it is worth considering for your operation.
Read MoreMonitoring privileged access from your SOC is the best way to detect potential insider threats. Recently, several news stories have shown how important it is to have the tools in place to manage the threat of rogue employees with too many privileges. Facebook, for example, had to fire multiple employees for, “snooping on users,” according to one story reported on Motherboard[1].
Read MoreWhat factors do CISOs take into account when choosing a SOC service model? Information security is high on the agenda of every UK and Australian board these days, especially given the changes in privacy legislation and mandatory data breach notification. However, security is a highly complex issue and requires a deep conviction throughout the business to be successful.
Read MoreShould you implement ISO 27001 or align with security controls such as ASD’s Essential Eight or NCSC’s Top 10? Often businesses struggle when deciding which security standards or compliance requirements should be adopted.
Read MoreThose who run security operations centres (SOC) acknowledge that the more automation built into the service, the more likely analysts will have the time to hunt for threats. Yet, the path to SOC maturity isn’t one that most SOCs follow. This blog looks at three levels of maturity that SOCs can pass through before being properly integrated with the rest of the business’s service management processes.
Read MoreThis is a short post looking at the challenges of adopting unknown software; challenges that include a lack of change control, IT security and ISMS involvement, as well as the increased chance of cyber-attack and loss.
We will look at network based shadow IT, the advent of shadow IT via the Cloud and tips to tackle the threat.
Read MoreTechnical security teams often concentrate their event monitoring on network and security appliances, forgetting that the richest source of infrastructure intelligence is the operating system. Read this post to learn how to get the most of our your Windows auditing infrastructure.
Read More