Part 13

Part 13

On Detection: Tactical to FunctionalWhy a Single Test Case is InsufficientIntroductionIn my previous post, I explored the idea that different tools can implement the same operation chain (behavior) in various ways. I ...
On Detection: Tactical to Functional

On Detection: Tactical to Functional

Part 10: Implicit Process CreateIntroductionWelcome back to another installment of the On Detection: Tactical to Functional series. In the previous article, I argued that we perceive actions within our environment at the Operational ...
Beyond Procedures: Digging into the Function Call Stack

Beyond Procedures: Digging into the Function Call Stack

Within the cybersecurity industry, many of us have a natural inclination towards digging into technical concepts and understanding what is going on under the hood. Or, if you are like me, you ...
The 5 Cornerstones for an Effective Cyber Security Awareness Training

The 5 Cornerstones for an Effective Cyber Security Awareness Training

It’s not news that phishing attacks are getting more complex and happening more often. This year alone, APWG reported a record-breaking total of 1,097,811 phishing attacks. These attacks continue to target organizations ...
Understanding MITRE ATT&CK Framework?

Understanding MITRE ATT&CK Framework?

Introduced in 2013 by MITRE, the ATT&CK (Adversarial Tactics, Techniques & Common Knowledge) is a way to describe adversarial behaviors expressed in matrices. The matrices contain different techniques and tactics associated with ...
Understanding MITRE ATT&CK Framework?

Understanding MITRE ATT&CK Framework?

Introduced in 2013 by MITRE, the ATT&CK (Adversarial Tactics, Techniques & Common Knowledge) is a way to describe adversarial behaviors expressed in matrices. The matrices contain different techniques and tactics associated with ...
Common Weakness Enumeration (CWE) and Why You Should Care

Common Weakness Enumeration (CWE) and Why You Should Care

Common Weakness Enumeration (CWE) and Why You Should Care Security vulnerabilities come in all sizes, shapes, and forms today. Staying ahead of attackers requires organizations, their security teams, and pretty much everyone ...
MITRE ATT&CK® Framework

Your Guide to MITRE ATT&CK Framework

Your Guide to MITRE ATT&CK Framework Cybersecurity has become a routine activity for the majority of companies. Cyberattacks no longer generate the shock and horror they once did. They’re now just par ...
On Detection: Tactical to Functional

On Detection: Tactical to Functional

Part 3: Expanding the Function Call GraphIntroductionIn the previous post in this series, I introduced the concept of operations and demonstrated how each operation has a function call graph that undergirds it. In ...