Tag: Security Operations Center (SOC)

What Does It Cost to Build a Security Operations Center (SOC)?

Your organization needs dedicated space and infrastructure for conducting security operations. Introduction to Security Operations Centers (SOCs): Your SOC is where most of your organization’s security processes take place. Those processes require specialized equipment and expertise. Consolidating that footprint into a single place makes economic sense and drives security performance. That doesn’t mean every […]
Fayetteville Public Works Commission Relies on Lumifi to Extend SOC Capabilities

Lumifi expands the utility provider’s ability to secure its OT infrastructure and mitigate cyberattack risks. The History: The Fayetteville Public Works Commission (FAYPWC) provides municipal water, power, and sewer services to over 120,000 people in North Carolina. As the public utility sector faces increasing cyberattack threats, FAYPWC needed to establish a robust, multi-layered security posture […]
Top 3 Microsoft 365 Security Concerns and What to do About Them

Microsoft 365 is immensely popular across all industry verticals in the small-to-medium-sized business (SMB) space. It is often the killer app for a business and contains valuable, critical information about the business. Accordingly, Microsoft 365 resiliency and defense are top concerns on IT leaders’ minds.
5 Security Tips for Small and Multi-location Tax and Accounting Firms: Tax Season and Beyond

Tax season is a busy time of year for hackers, given the ample opportunities to steal personal and financial information through phishing, hacking into computer networks, or other underhanded methods. Here are five tips that go beyond the basics you probably already know, like watching out for phishing and malware, keeping your anti-virus software up-to-date and using different hard-to-guess passwords for different services.
Avoid Three Common Active Directory Security Pitfalls

While the threats have changed over the past decade, the way systems and networks are managed has not. We continue with the same operations and support paradigm, despite the fact that internal systems are compromised regularly.
Buy, Rent, or Uber Your Security Operations Center

For cyber criminals, everyone’s a target. We must assume that, at some point, every organization’s IT infrastructure will be breached. That’s why we need to continuously monitor, investigate, and respond to cyber threats 24/365 if we are to avoid costly breaches.
MSSP Live 2022 Top MSP Cybersecurity Takeaway: Teamwork Makes the Dream Work

A common dedication to providing excellent client services, a driving need to enhance cybersecurity capabilities and an outstanding cyber monetization opportunity generated tremendous energy and focus among attendees at the recently concluded first annual MSSP Live event.

Pay Attention to System Security Access Events

There are five different ways you can log on in Windows called “logon types.” The Windows Security Log lists the logon type in event ID 4624 whenever you log on.
The True Cost of Setting Up and Operating a 24x7 Security Operations Center (SOC)

Understanding the costs behind setting up and running a Security Operations Center is important to making informed decisions about how much protection you can afford and how you will go about acquiring it. The simple answer to the question “How much does a SOC cost?” is that it depends on many variables. In this article we will break down those variables and provide typical costs that you can use to inform your decision making about how to best protect your organization.
Ten Work-from-Home Cybersecurity and Productivity Tips

More Work-from-Home (WFH) scenarios due to COVID-19 present challenges as employees move from a trusted and secured office network to home networks with a variety of technology and cybersecurity rigor. Here are some tips to stay safe as you and your employees work remote.
Use Automation to Enhance the Value of Human Expertise in the SOC

Automation isn't always a replacement for human expertise. The two must work together to generate lasting security value. Security Operations Centers have struggled with workforce shortages for years. Experts were already alarmed at the growing cybersecurity talent gap back in 2017.
Security Signals Everywhere: Finding the Real Crisis in a World of Noise

Imagine dealing with a silent, but mentally grating barrage of security alerts every day. The security analyst’s dilemma?
Consolidation: The Cure for Cybersecurity Vendor Sprawl

There are three cybersecurity “givens” that small-to-medium-sized businesses (SMBs) often face. One is you are not too small to be targeted by cyber criminals. Even big ransomware gangs are refocusing their efforts on mid-sized victims to avoid scrutiny. A second is that your attack surface is expanding – particularly with the move to cloud, Software-as-a-Service (SaaS) adoption, and Work-From-Home (WFH) – while threat actors continue to evolve new, more sophisticated approaches.
How SOC-as-a-Service Enhances Security Operations

Faced with rising cybersecurity concerns, MSPs and mid-sized organizations are maturing their security posture beyond a network operations center and help desk. But few have realized a centralized security operations center (SOC) with a formal charter and full-time staff.
What Is Managed Detection and Response and Why Do You Need It?

The security of data and systems is one of the most important concerns in today’s business world. If your data is at risk or compromised, it can cripple your operations along with the trust others have in your business.
F5 BIG-IP Vulnerabilities

Twelve days ago, F5 announced several security vulnerabilities that went primarily overshadowed by the Exchange/Hafnium situation. It's important to understand that some of these are critical, remote command execution-level vulnerabilities that require nothing more than an attacker to connect to an F5 BIG-IP device. For those devices, being positioned "in front of" web server clusters […]
Microsoft Exchange Vulnerability

As you may know, a zero-day vulnerability in Microsoft Exchange Server was published last week that is garnering a lot of attention. Microsoft has attributed this to a known threat actor that has now compromised thousands or even tens of thousands of systems with these attacks, though it's important to understand that other attackers are […]
5 Do's and Don'ts to Qualify Your Next MDR

(Updated April 2022) The success of your managed detection and response deployment hinges on asking the right questions. Managed detection and response is a valuable element of your enterprise’s security posture. With the right technologies in the hands of competent, highly trained analysts, you can significantly reduce security risks while paying a fraction of what […]
What is the MITRE ATT&CK Framework?

Learn about the MITRE ATT&CK® Framework and how cybersecurity teams leverage its matrix of tactics and techniques to assess risk and vulnerabilities within an organization. Definition: The MITRE ATT&CK Framework is a knowledge base of tactics and techniques that can be used as a foundation for classifying adversary behaviors and assessing an organization’s vulnerabilities. Created in 2013 by the […]
MDR Service Delivery Options

Organizations of all sizes rely on managed security service providers (MSSPs) to deliver managed detection and response (MDR) and additional cybersecurity services at scale. Understanding the various service options can save your organization money and resources. The difference in technology and its usage is the primary differentiating factor between MDR providers. While some rely on […]
How a SOC Handles Credential Harvesting

Dealing with credential harvesters has its perks. Day in and day out I get to personally observe how sophisticated a phishing website can be. Some websites are so elaborate that only a trained analyst can identify them, while others are so obvious that no one in their right mind would fall for them. Either way, if […]
5 Ways to Protect Your Business' Data During Tax Season

If you're an accountant or tax professional, you know that tax season is also scam season and that you're a prime target. Cybercriminals are using new, sophisticated scams that can compromise your website or infiltrate your systems with remote desktop software. These join the more traditional email-based attacks that trick you into installing malware that […]
Improving Visibility and Preventing a Miss - Part 1: Mandatory PowerShell Logging

One of the greatest risks for a SIEM or SOAR platform is missing that one event that helps with accurate detection. In general, misses can occur for several reasons, although in our experience, misses mostly stem from incorrect/empty PowerShell logs or merely a lack of logging required for advanced detection.
The True Cost of Information Security

In-House vs. Outsourced SIEM Management: Discover the True Cost of IT Security (Updated November 2022). Your SIEM management needs will grow over time. Can your information security team follow suit? Security information and event management is one of the pillars of effective information security. Capturing and investigating event logs lets security operators detect and respond to […]