Security Monitoring and Attack Detection Planning Guide

Today, I had some time to read “The Security Monitoring and Attack Detection Planning Guide” by Microsoft. I have read different documents in the last couple of months aimed at security monitoring on Microsoft endpoints; however, this document is completely up to date and can help organizations understand the requirements they…

Cyber Threat Hunting (2): Getting Ready

In my previous post I went through the basics of hunting and its benefits for the organization and for analysts. To continue the journey, today I am going to cover the preparations you need to make before you go out there and hunt. We are covering preparations and locations to hunt. As you need some…

Cyber Threat Hunting (1): Intro

After some long months debating whether to write a white paper, and what potential topics I could write about, I decided that I do not have enough time to go through the process of writing a research paper for the next 6 to 12 months. Instead, I am taking some of my research and current…

December webinars

I leave you here some interesting webinars for those looking to get some CPE credits. I am currently researching the role of privileged accounts in the attack lifecycle, and some of these webinars focus on the subject: The Most Travelled Attack Path: Securing the Privileged Pathway; Stopping Attacks Before They Stop Business…

Active Cyber Defense Tactics

Active cyber defense (ACD) is the concept of proactively opposing an attack on computers and networks. There is a series of tactics that can be applied in order to mitigate risk or detect adversaries inside the network. Active Hunting: the security operations team focuses on reactive detection, mainly based on signatures. In this scenario, advanced attackers…

Advanced Hunting and Content Development with RSA Analytics

Looking to extend my knowledge of RSA Security Analytics, I came across this video. It explains very well some of the capabilities RSA SA provides, as well as some good practices to follow, such as involving defenders in content development. It is a long video but easy to watch.

The new security paradigm shift (1)

From the early 80s to the first decade of the new millennium, security evolved very fast; however, it is in the last decade that the fastest and biggest shift has happened. We all remember the famous movie ‘Hackers’, with the exotic Angelina Jolie and that punk look of the golden times. These hackers were moved…

Computer network defense operations, disrupting the enemy’s attack

In the last couple of weeks I have been reading different white papers related to computer network defense, and the general idea in all of them is that the industry is moving towards a dynamic approach to computer network defense. In the past, IT would deal with the defense of corporate networks; however, that…