Metrics (Not Just Fun Facts!) Are key to driving a Business-Driven Security™ Strategy

Dave Gray & Azeem Aleem

“What’s Measured Improves” Peter Drucker

It’s mid-2017 and we have already witnessed the conundrum across organizations as the pressure of building a more efficient business creates loopholes for cyber criminals to gain an advantage. In a previous blog we talked about the traditional perimeter melting away and how the “not…

The Realm of Threat Intelligence – Attack Scenarios and Use Cases

The three previous blogs in this series have covered Packet Analysis, Log Analysis and Threat Intelligence; this final article aims to bring all of this information into one cohesive solution for any SOC or Cyber Defence organisation. For further reading on this subject please see our presentation at last year’s RSA Conference in Abu Dhabi…

The Realm of Threat Intelligence – Journey from the past into an Advanced SOC

Using Intelligence to gather information on your adversary is not a new concept; Military and Government Agencies have been involved in gathering information to use against their opponents since the days of Sun-Tzu and Chanakya. Cyber Intelligence has also been the domain for Government agencies like the UK’s GCHQ and the US’s NSA for many years;…

The Realm of Threat Intelligence – The Logs are dead; long live the Logs!

In the previous blog post we looked at Network Packets (PCAPs) and how they can be utilized within a SOC environment. In this post we will build on this and take a look at Logs (which most of the security sales staff will now tell you are going to solve all your security…

The Realm of Threat Intelligence – It’s all about the Packets, or is it?

Full Packet Capture (FPC): those three little words are enough to make most security analysts salivate at the prospect of finding and detecting attacks. Back in the days before anyone realized that you could build an Intrusion Prevention System to actually stop attacks, the Intrusion Detection System was king. If you were very lucky you…