Understanding the MITRE ATT&CK Framework
Before an organization can develop and maintain a successful and relevant threat detection and defense strategy, it must first gain a solid understanding of common adversary techniques. The organization needs to know the various activities that can pose a threat, and how to detect and mitigate them.
Digital Forensics: Sleuthing Against Cybercrime
While digital forensics may have come from a fairly dubious tradecraft background, it has grown to be a major part of many cybercrime investigations. Developments in the field in terms of research, tools and techniques have brought digital forensics to a whole new level.
Security Information and Event Management (SIEM): History, Definition, Capabilities and Limitations
Security information and event management (SIEM) began as a tool for helping organizations achieve and maintain compliance, then rapidly evolved into an advanced threat detection practice. SIEM has empowered incident response and security operations center (SOC) analysts, as well as a myriad of other security teams, to detect and respond to security incidents.
Intrusion Prevention Systems: Definition, Types, IDS vs. IPS
Every organization with a cybersecurity strategy has the goal of stopping cyber threats before they become real attacks and cause damage. Because of this, most cybersecurity strategies have turned to more proactive approaches, rather than relying only on reactive security measures.
Intrusion Detection Systems: Types, Detection Methods and Challenges
For years now, network security has been one of the main investments organizations of all sizes make to protect their networks, users and data.
JA3 Fingerprinting: Functionality, Pitfalls, and Future Outlook
With challenges as complex as the myriad of technologies involved, the need for accurate representation regarding all things cyber remains an elusive endeavour.
What is the NIST Cybersecurity Framework?
With growing interconnectedness and the amount of information and digital assets organizations store and process, one of today's biggest challenges is protecting that information.
Incident Response in Cybersecurity: Preparing for a Security Breach
Fueled by changes in how people live and work in the post-COVID world, more and more cyber attacks and data breaches are affecting organizations of all sizes. It's crucial to be prepared for the worst.
Business Email Compromise (BEC) Attacks: The Most Dangerous Form of Email Scam
Business email compromise attacks will have you doubting any email you receive, whether it's from your co-worker or even the CEO of your company.
Kerberoasting Attacks Explained: Definition, How They Work and Mitigation Techniques
In 2014, researcher Tim Medin, a senior SANS instructor and content developer, took the Infosec milieu by surprise when he disclosed Kerberoast.