Category: SOC Best Practices

80 results

How Automation Can Help You Respond to Hacked Credentials Circulating the Dark Web
post

Much like the legitimate economy, the cybercriminal marketplace experiences ebbs and flows. Current factors working against it include the ripple…

What Is SIEM? What Is SOAR? How Do They Compare? Do You Need Both?
post

With all the acronyms floating around in cybersecurity, it is easy to get confused by what means what. Security information…

Veteran CISO Tammy Moskites on Budgets, Incident Spikes and the “Best BC/DR Experience of Our Lives” (Video)
post

Before COVID-19 arrived, Tammy Moskites was a road warrior, hand-shaker and self-professed big hugger. So while she misses how life…

8 Best Practices for Secure Remote Work Access
post

As more and more employees have transitioned to working remotely, the cybersecurity threats that their organizations face have changed. While…

How SOAR Can Take Your Security Budget Further in Turbulent Times
post

When stay-at-home orders came down for much of the world in March, few businesses were spared the consequences of trying…

Preventing Data Exfiltration: Definition, Examples and Best Practices
post

As one of the biggest threats to data security, data exfiltration has the potential to result in devastating outcomes for…

Kraken CISO Nick Percoco on the Crypto Exchange’s “Productive Paranoia” and the Future of Protecting Home Networks (Video)
post

Episode 3 of SOC Quarantine Diaries catches up with veteran security mind Nick Percoco, whose renowned career…

Looks Can Be Deceiving: Context and the New Normative in Log and Event Analysis
post

(The following is a guest post written by Alissa Knight, an ethical hacker, entrepreneur and author.) Is your SIEM or…

What is Vulnerability Management?
post

IT infrastructure is more complex and interconnected than ever. For attackers, this provides a gold mine for easy attack vectors…

How Security Teams Are Automating, According to a New SANS Survey
post

Automation did not enter popular lexicon until the 1940s, when Henry Ford introduced an official “automation department” at his Michigan…

A Tier III SOC Engineer on Multi-Tasking and Communication During an Extended Crisis (Video)
post

Episode 2 of “SOC Quarantine Diaries” welcomes Rod Arthur, a Level III SOC engineer at business process services company…

What is Incident Response? A 5-Step Plan to Resolve Security Events
post

In the context of cybersecurity, incident response refers to the tools, processes and methodologies that businesses use to respond to…

What is SIEM? The Roadmap to a Better SOC
post

As the frequency and severity of data breaches continues to increase, and users become more concerned about privacy and the…

GDS SOC Leader Tracey Webb on Putting “the Fear of God” in Remote Workers and Leaning Into a New Normal (Video)
post

Welcome to the first episode of SOC Quarantine Diaries, a new virtual video series presented by Siemplify that examines life…

SOC 101: Getting Started with Playbook Design (Video)
post

Every artist starts with a blank canvas. That goes for security operations teams, as well, who must illustrate their…

3 Emerging Remote Security Use Cases Addressable with SOAR Playbooks
post

Even as many SOC teams have shifted to remote operations in recent weeks, the basics of their mission are unwavering:…

A Compare-and-Contrast Between Next-Gen SIEM and SOAR
post

(The following is a guest post written by Alissa Knight, an ethical hacker, entrepreneur and author.) The average lifespan of…

Introducing a Technical Guide to Remote Security Operations
post

The widespread coronavirus-forced lockdown is unlikely the first time security operations teams have had to temporarily migrate away from physically…

SOC 101: Building Your SOC with People, Processes and Technology (Video)
post

Your security operations relies on people, of course, but it also fundamentally leans on processes and technology to succeed…

Security Orchestration, Automation and Response: Everything You Need to Know to Get Started
post

Security operations is a well-established discipline — many businesses have even had SecOps strategies in place for decades. Yet the…

9 Security Orchestration and Automation Benefits: How SOAR Helps Improve Incident Response
post

On average, 800 attacks per hour pummel 76 U.K. councils, according to global insurance firm Gallagher. That volume of attacks…

How Cybercriminals Are Actively Exploiting the Coronavirus/COVID-19 Crisis
post

Security researchers around the world have their work cut out for them keeping track of malicious scams and campaigns surrounding…

An Insider’s Look at MISP for Open-Source Threat Intelligence (Video)
post

Siemplify Technical Account Manager Arnaud Loos builds on his “Open-Source SOC” whiteboard video with a deep dive into the Malware…

SOC’ing from Home? How to Migrate to Remote Security Operations in the Age of Coronavirus
post

The coronavirus pandemic is reshuffling our priorities and changing life as we know it, and with the climax of the…

Introducing the All-in-One Guide to Maturing Your MSSP
post

The managed security services market is booming. If you have recently joined this hot marketplace, congratulations, it is an exciting…

The Open-Source SOC (Whiteboard Video)
post

Siemplify Technical Account Manager Arnaud Loos is back with another whiteboard, this one building on his previous discussion around…

3 Unique Causes of Burnout for Security Operations Professionals
post

Burnout is a condition that transcends industries. But Amanda Berlin, CEO of Mental Health Hackers, a nonprofit whose mission is…

4 Ways the Coronavirus May Affect Cybersecurity Operations
post

Security operations professionals are used to staying on top of the latest computer viruses and other malware targeting the organization’s…

The Unintended SecOps Consequences of Digital Transformation
post

Between networks, endpoints, cloud technologies and critical infrastructure, digital footprints are growing for virtually every organization. This means greater efficiency…

How Security Orchestration Supercharges Your SOC
post

A security operations center (SOC) is responsible for preventing any cybersecurity breaches in an organization’s network. This huge undertaking involves…

Getting to Know Your Data With Elasticsearch (Whiteboard Video)
post

Welcome to the first installment of our revamped whiteboard series! The show-and-tell nature of these videos, plus their relatively fast-paced…

Sitdown with a SOC Star: 11 Questions with Chris Elliot of Hulu
post

When you hit the couch to binge a new TV series, the last thing you’re likely thinking about is that…

Introducing the Art of Recognizing and Surviving SOC Burnout: A Complete Manual for Security Operations Professionals [Interactive E-Book]
post

“I quit my job because of burnout.” “Burnout can hurt your heart, literally.” “Is burnout actually a form of depression?” …

Iranian Retaliatory Cyber Threats Are a Reminder of the Importance of Sound Incident Response
post

As if security operations professionals don’t have enough on their plates, they can add a new geo-political event — the…

The 7 Most-Read Siemplify Blog Posts Published in 2019
post

The Siemplify Blog is one of the easiest and most prolific ways we communicate with the security operations community at…

Sitdown with a SOC Star: 11 Questions with Jesse Emerson of Trustwave
post

Welcome back to our continuing Q&A series – “Sitdown with a SOC Star” – in which we pose 21 questions…

Automatic for the SOC People: How Automation Can Quell Those Pesky False Positives
post

This post first appeared in Cyber Defense Magazine’s December edition. As a newly hired cybersecurity analyst, you’re excited to start…

Expert Advice to Help Security Operations Centers Survive the Holidays
post

‘Tis the season for giving thanks, holiday cheer and … cyberthreats. One of those three probably isn’t on your wish…

What a Doctor’s Visit Can Teach Your SOC About Reducing MTTD and MTTR
post

Recently I took my 4-year-old daughter to the doctor’s office for a run-of-the-mill ear infection. Generally our wait time with…

How to Convince Your Executives and Board to Support Security Operations
post

Whether you have stood up an in-house security operations center (SOC), outsource your efforts to a managed security services provider,…

3 Key Benefits of Automating the Grunt Work of Your Security Operations
post

It’s hard to believe that cars were once put together by hand, but it’s true. The early auto workers toiled…

Incorporating the MITRE ATT&CK Framework into Your SOAR to Deliver Faster Investigations and Improved Visibility
post

Everyone involved in the triage, investigation and response to security incidents battles the same adversary: Time. Whether you are…

Sitdown with a SOC Star: 11 Questions with Cameron Rayner of Crowe LLP
post

There are many gifted security operations professionals in the world, grinding day after day, without much fanfare. Most, of course,…

How to Handle Shift Handovers in the Security Operations Center
post

Imagine being a patient in a hospital, and when your knowledgeable caretaker leaves for the day, the incoming attendant is…

5 Awesome Resources to Sharpen Your Security Operations Know-How
post

Learning never takes a break. Here are five instructive, compelling and – most important of all – practical resources that…

Introducing the No-Nonsense Guide to Security Operations Metrics
post

Few places inside the business demand metrics quite like the security operations center (SOC). Think about it: Not only has…

How to Prepare Your Security Operations for the Continuing IoT Upsurge
post

Cloud computing has caused headaches for businesses across the globe. But just as we begin to understand the complex nature…

How Security Operations Teams Are Winning Amid SOC Challenges (Video)
post

Alert fatigue, skills shortages, process shortfalls and budget restrictions are all working against the security operations center (SOC), which…

The 5 Biggest Things Holding Back Security Operations Centers from Success
post

Smart, risk-minded organizations, when considering how to ensure the continuity of their business, hope for the best but prepare for…

SOC Automation 101: How to Use SOAR to Overcome Time-Consuming Tasks and Address Alerts (Video)
post

With the introduction this year of so-called “robot umpires” into professional baseball – as part of an experiment in…

Why Successful SOCs Detect Earlier and Respond Faster
post

Of all the security operations center efficacy metrics, arguably none is more indicative than mean time to detect (MTTD)…

Powerful Case Management in the SOC: 4 Things You Need to Know
post

Effective case management can be a real game-changer for your security operations center (SOC). Squared up against a complex…

Black Hat Recap: Automation is Key to Managing Threats and Scaling the Future of Security (Video)
post

Another Black Hat USA is in the books, and anyone leaving the festivities feeling apprehensive about the state of…

4 Straightforward Things Every SOC Should be Doing to Counter Phishing
post

Tim Condello, senior customer success manager at Siemplify, contributed to this post. A recent study found that 83 percent of…

5 Ways to Relieve Burnout in the Security Operations Center
post

Amid all the dismal headlines that have become routine reading for security professionals (such as this study, which referenced cybercrime…

Introducing The Road to Security Operations Maturity: A Cyentia Institute Research Report
post

If you compare two companies that are similar in all of the key ways – size, industry, revenue – what…

How SOAR Helps You Save Time When Probing Malicious Insider Threats (Video)
post

Security operations centers deal with a variety of cases, and one of the most uncomfortable is the insider threat…

How to Harness the Benefits of Threat Hunting Despite the Security Skills Shortage (Video)
post

Threat hunting is arguably one of the most overused and misunderstood terms in security. If you were to get…

Using Deception and Automation to Reduce Attacker Dwell Time
post

In the treatise, “The Prince,” Niccolo Machiavelli, a 16th-century political theorist, muses about using deception to gain advantage over political…

Why Your Cybersecurity Use Cases Should Span the Lifecycle of a Threat
post

Typically when security operations teams think about security use cases, they focus on detection scenarios, thanks to the shift underway…

3 Ways Automation and Orchestration Can Help You Stem the Insider Threat
post

It’s easy for businesses to overestimate the risk posed by external threats and underrate the insider threat hazard. After all,…

How the “Diamond Model” Can Help SOC Analysts Boost Incident Response
post

If it hasn’t happened to you yet, it will: Attackers have breached your defenses and are stalking your network. What…

3 Types of Collaboration That Need to Be Originating from Your Security Operations Center
post

Each year, right around the time when winter turns to spring in the United States, 64 college basketball teams stage…

Building a Holistic Cybersecurity Metrics Program
post

An organization’s ability to discover and reduce risk in a more preventative manner rests heavily on having clear cybersecurity and…

Introducing Siemplify v4.25
post

You ask and we deliver. Siemplify version 4.25, the latest release of our award-winning security orchestration, automation and response (SOAR)…

What You Should Know about Driving Down MTTD and MTTR
post

Effectively connect people, process and technology to minimize MTTD and MTTR. There’s a reason it’s said that what gets measured…

Creating a Foundation for Proactive Incident Response
post

As a Boy Scout, you’re trained to be prepared – always in a state of readiness in mind and body…

Putting Your Incident Response Processes to the Test
post

Are You Regularly Testing Your Incident Response Processes? Surely you remember it well. Your class being gathered and…

Automated Incident Response – How Enterprises Benefit from it?
post

Automated Incident Response Addresses Key Security Operations Inefficiencies. In this era where cyber threats occur rapidly and nonstop, combining incident…

Most Used Playbooks: Using SOAR to Identify Phishing Attacks
post

The Most Used Playbook Of 2017 series brings you the production playbooks noted by our professional services team as being most…

3 Best Ways to Approach Security Incident Management
post

The landscape of Security Incident Management has altered drastically. Ten years ago, the term “security incident management” was not commonplace…

The Top Priority Procedures For Incident Response
post

Cybersecurity has become an increasingly challenging landscape to navigate. Having said that, there has been a constant evolution from conventional…

New Research On Security Orchestration, Automation & Incident Response
post

In early 2017, Siemplify, in partnership with Enterprise Strategy Group (ESG), conducted extensive research on the priorities and challenges within…

How to Build a Cyber Incident Response Plan
post

Planning is Vital to a Successful Cyber Incident Response Program. Before embarking on anything new – buying a new house,…

Siemplify Wins 2017 Cutting Edge Incident Response Solution.
post

Cyber Defense Magazine has announced that Siemplify has won the 2017 Award for Most Cutting Edge Incident Response Solution. Siemplify…

Driving ROI from Threat Intelligence & Security Operations
post

Over the last few years, the issue of corporate cybersecurity has gone high profile and accordingly, budgets allotted to combating…

Shift To Response Requires Rethinking Security Infrastructure
post

When it comes to corporate information security, it often feels like hackers have the advantage. In the September issue of (in)Secure Magazine,…