The initial actions an organization takes in the moments after discovering a ransomware attack can have profound implications on how the attack ends. Virtually every security professional will tell you ransomware-based attacks are rapidly becoming the bane of the digital age, but that may not translate into chief information security…

Part of successfully setting up your security operations center (SOC) is defining your SIEM use cases.  Use cases help and support security analysts and threat monitoring goals. What is a use case? A use case can be a mix of multiple technical rules within the SIEM tool, or can be…

If I had polled cybersecurity experts on their way to work on May 12, 2017, most of them would have said they knew a major cybersecurity event loomed. Yet, on that day no one expected that they were walking into the perfect storm — in the form of WannaCry ransomware,…

With the advancements in data reporting gleaned from security information and event management (SIEM) tools and adjacent solutions, every security team today can face information overload and paralysis. To gain clarity within this murk, the practice of threat analysis has emerged and continues to evolve with time. With it, security professionals…