Talk to an expert

Tag: SOC

What Is Managed Detection and Response and Why Do You Need It?

The security of data and systems is one of the most important concerns in today' business world. If your data is at risk or compromised, it can cripple your operations along with the trust others have in your business.

F5 BIG-IP Vulnerabilities

Twelve days ago, F5 announced several security vulnerabilities that went primarily overshadowed by the Exchange/Hafnium situation. It's important to understand that some of these are critical, remote command execution-level vulnerabilities that require nothing more than an attacker to connect to an F5 BIG-IP device. For those devices, being positioned "in front of" web server clusters […]

Microsoft Exchange Vulnerability

As you may know, a zero-day vulnerability in Microsoft Exchange Server was published last week that is garnering a lot of attention. Microsoft has attributed this to a known threat actor that has now compromised thousands or even tens of thousands of systems with these attacks, though it's important to understand that other attackers are […]

5 Do's and Don'ts to Qualify Your Next MDR

(Updated April 2022) The success of your managed detection and response deployment hinges on asking the right questions.  Managed detection and response is a valuable element of your enterprise' security posture. With the right technologies in the hands of competent, highly trained analysts, you can significantly reduce security risks while paying a fraction of what […]

What is the MITRE ATT&CK Framework?

Learn about the MITRE ATT&CK® Framework and how cybersecurity teams leverage its matrix of tactics and techniques to assess risk and vulnerabilities within an organization. Definition  The MITRE ATT&CK Framework is a knowledge base of tactics and techniques that can be used as a foundation for classifying adversary behaviors and assessing an organization’s vulnerabilities.  Created in 2013 by the […]

MDR Service Delivery Options

Organizations of all sizes rely on managed security service providers (MSSPs) to deliver managed detection and response (MDR) and additional cybersecurity services at scale. Understanding the various service options can save your organization money and resources. The difference in technology and its usage is the primary differentiating factor between MDR providers. While some rely on […]

How a SOC Handles Credential Harvesting

Dealing with credential harvesters has its perks. Day in and day out I get to personally observe how sophisticated a phishing website can be. Some websites are so elaborate that only a trained analyst can identify them, while others are so obvious no one in their right mind would fall for it. Either way, if […]

5 Ways to Protect Your Business' Data During Tax Season

If you're an accountant or tax professional, you know that tax season is also scam season and that you're a prime target. Cybercriminals are using new, sophisticated scams that can compromise your website or infiltrate your systems with remote desktop software. These join the more traditional email-based attacks that trick you into installing malware that […]

Improving Visibility and Preventing a Miss - Part 1: Mandatory PowerShell Logging

One of the greatest risks for a SIEM or SOAR platform is missing that one event that helps with accurate detection. In general, misses can occur for several reasons, although in our experience, misses mostly stem from incorrect/empty PowerShell logs or merely a lack of logging required for advanced detection.

Castra is now part of Lumifi

Learn More
Privacy PolicyTerms & ConditionsSitemapSafeHotline