RSA at Black Hat 2016 — Can’t Wait!

Black Hat 2016 is fast approaching and I can’t wait! The main event will take place on August 3rd and 4th at Mandalay Bay in Las Vegas. Will you be there? If you are attending Black Hat, please stop by the RSA booth – #1108. We have a lot of “goodness” planned for the security analysts…

Improving Speed of Investigation with Automation and Enrichment

It is important for security analysts to have all the details of an incident when investigating. With those details, a security analyst can investigate faster and, most importantly, investigate effectively enough to put a response plan in place. How can the security analyst get these details? The first step is…

Automate Detection and Detect Early with Leading Indicators

The ultimate goal of any security monitoring program or Security Operations Center (SOC) team is to automate threat detection, to detect earlier in the attack lifecycle, and to stop threat actors from achieving their objectives of disrupting the business or stealing its IP or money. “Automating Threat Detection” sounds simple enough, but how…

Learning to Fly.. But I Ain’t Got Wings..

Wanting to Fly.. And sometimes it feels like that when building your security incident detection, investigation and response capabilities. There are three aspects to building out your Security Operations Center (SOC) — People, Process and Technology. The order of priority on where to invest and to focus efforts depends on you. All three aspects — People,…

SOC Orchestration is the Key to Success

A well-orchestrated concert is priceless! We are spoiled in Boston as we probably have one of the best-orchestrated music venues – the Boston Symphony Orchestra. Not just a music concert: a well-orchestrated sports team, a well-orchestrated vacation or a well-orchestrated plan is a thing of beauty and it keeps everyone happy…

Security Investigations With Certainty

There is a lot of uncertainty these days, and back in my college days, in my Quantum Physics class, the Heisenberg Uncertainty Principle took the prize for uncertainty. The Heisenberg Uncertainty Principle states that you can never simultaneously know the exact position and the exact speed of an object. Security operations teams could put the Heisenberg Uncertainty…