Our Blog
Real Cyber Intelligence Tells a SOC What Its Security Stack Cannot Detect
Actionable cyber threat intelligence should inform both a security operations center’s prioritization of the applications and infrastructure most critical to the business and its threat hunt program, in ways a security stack cannot. With hypothesis-led, defined use cases that...
Threat Intelligence Through the Eyes of Adversaries
Any adversary conducts reconnaissance on a potential target with one question in mind: are the time and resources for research, development, and exploitation going to be worth the gain? Below are four insights on threat intelligence from the eyes of adversaries....
How to Use Context to Secure Your Platforms
Attribution often gets a bad name in the cybersecurity industry. “Attribution can be challenging and may not lead to a direct business outcome” is a common refrain. Companies that operate digital platforms have a unique advantage when it comes to attribution, however....
Common Network Segmentation Strategies for Production Environments
Business needs for all company sizes increasingly require managed production environments to perform critical computational and data storage roles that are often administered by company IT professionals, as well as potentially providing services to both internal and...
Three Steps to Work with the Business and Get Your Security Team a Seat at the Table
Corporations big and small place at least some emphasis on cybersecurity, but when it comes to establishing a company strategy with data security in mind, many security leaders remain relegated to an “as-needed,” “cost-center” position. This paradigm places security...
Three Things to Look for to Identify Context Around an Attack Quicker
The cybersecurity industry has defined the term “attribution” of threat actors to refer to the identification of the specific actor or group of actors responsible for an attack. For many victims, “attribution” as defined by the industry is unnecessary; understanding...
Cyber Diligence Provides Actionable Intelligence to M&A Teams
Large companies take robust consultative approaches to integrating networks and applications post-acquisition. Rarely do acquiring security teams have the resources or cost-effective internal processes to do their own investigative cyber diligence on a pending...
Managed Intelligence™: Four Factors for Building Adversarial Context
With limited time and resources for a SOC to prioritize threats for additional research, Mars CISO Andrew Stanley gives several important factors when considering adversarial context with regard to the “who, how, and why” of attribution. Chasing After Ransomware is a...
Managed Intelligence™: Four Outcomes from Operationalizing Intelligence for Third-Party Risk Management
Actionable intelligence is critical for third-party risk management, as it’s easy to chase false positives that waste resources. While automation enables timely response, deeper analysis is needed to make information from automated sources actionable. Zero Touch...
Three Areas of Focus for Your Insider Threat Program During the COVID-19 Crisis
Security teams are settling in to the “new normal” of remote work as the COVID-19 crisis nears its third month here in the U.S. As many teams have discovered, among the myriad of logistical issues of a remote workforce is the increased risk insiders can cause...
Managed Intelligence™: Shaping a Threat Hunt Program to Operationalize Data, Resource Accordingly, and Protect the Business
Deriving actionable intelligence to enhance organizational security is a challenge faced by all global companies and often further complicated by intertwined networks resulting from mergers and acquisitions. With the volumes of data, it’s important to shape a threat...
Know Your Adversary™: Russian APTs
In the previous two articles in this series, we examined the Iranian and Nigerian Advanced Persistent Threats (APTs) under a sociohistorical lens in order to better understand the various drivers that instigate their threat activity. Today, we examine Russia under the...
Zero Touch Diligence®: Actionable Intelligence for Third-Party Risk Management
Security analysts responsible for vendor management have a unique combination of challenges, both human and technical. Questionnaires are a standard tool, but are also fraught with human error, both intentional and accidental. On the technical side, risk managers are...
Four Priorities for Aligning Your Insider Threat Program
Organizations based in the United States continue to deal with considerable intellectual property theft and largely do not address the issue until there is a problem. The ability to effectively monitor for negligent or malicious insider threat activity is largely...
Managed Intelligence™: An Overview on Signature and Personality-Based Attributions to Mitigate Risk for the Business
Continuing with the Nisos® series on providing context to enable actionable outcomes for Security Operations Centers (SOCs), we examine the differences between signature and personality-based attributions and how each plays a role for enterprises in prioritization...