Understanding APIs: REST

| | secops
Security orchestration, automation and response (SOAR) platforms rely heavily on APIs (application programming interfaces) to drive orchestration of disparate security tools (products) and invoke desired responses in the form of actions. Besides SOAR products, APIs are commonplace among almost all services, tools, and products used by technical workers. Even though ... Read More

Best practices for your Vulnerability Management Program

Nowadays most organizations have begun to implement a Vulnerability Management Program (VMP), but implementing one is daunting. Most organizations realize they either have no true categorical ownership over systems or they lack the authority to enforce remediation of identified vulnerabilities. Either way, it is time-consuming to track down and ... Read More

Every security team is a software team now: Why you should attend the Black Hat keynote

| | News and Events, secops
Building and facilitating a culture with continuous collaboration between engineers and security forces is becoming the new philosophy in security, which is why I am stoked for this year's Black Hat USA keynote speaker: Dino Dai Zovi, staff security engineer at Square. "Every Security Team is a Software Team Now" ... Read More

Microsoft Defender Advanced Threat Protection Queries

| | secops
Recently, I shared on Twitter how you could run a query to detect if a user has clicked on a link within their Outlook using Microsoft Defender Advanced Threat Protection (MDATP). If you are not familiar, MDATP is available within your Microsoft 365 E5 license and is an enhancement to ... Read More

Running queries on Microsoft Defender Advanced Threat Protection

Recently, I shared on Twitter how you could run a query to detect if a user has clicked on a link within their Outlook using Microsoft Defender Advanced Threat Protection (MDATP). If you are not familiar, MDATP is available within your Microsoft 365 E5 license and is an enhancement to ... Read More

Swimlane's pyattack works with Mitre ATT&CK Framework

| | secops
NOTE: The Mitre ATT&CK Framework is NOT an all-encompassing/de facto security coverage map. It is rather a FRAMEWORK, and other avenues should be considered when assessing your security posture. As security teams adopt the Mitre ATT&CK Framework to help them identify gaps in their defenses, having a way to identify what ... Read More
