AnnouncementCase StudyData Sheetposts
skip to Main Content

Security operations

  • 5 min read

Reaching (all the way to) your NIST 800-171 compliance goals

Close common compliance gaps, without building a SOC, for NIST 800-171 security requirements. And a bit about how we can help.

Cloud security
  • 7 min read

Getting a grip on your cloud security strategy

Understanding how to think about cloud security differently is half the battle. We've thought a lot about it, and we’ve identified three key points that should inform your cloud strategy.

third party assessment
  • 12 min read

A common sense approach for assessing third-party risk

Let us walk you through our third-party assessment process. We think it's lightweight but still achieves the objective - determining if a vendor can be trusted.

  • 7 min read

Lessons learned from a CISO’s first 100 days

In this guest post, Amanda Fennell, CSO at Relativity reflects on what she’s learned.

  • 6 min read

How to identify when you’ve lost control of your SIEM (and how to rein it back in)

See if these four telltale warning signs get your head nodding. If so, learn how to get started on regaining control.

  • 4 min read

What’s new in the NIST Cybersecurity Framework (CSF) v1.1

In case doing a “stare-and-compare” of the original and updated frameworks isn’t your idea of fun, I’ve highlighted three important changes here.

  • 5 min read

What is (cyber) threat hunting and where do you start?

We want to demystify what hunting is and what it’s not. So here goes nothin’ ...

  • 8 min read

How to get started with the NIST Cybersecurity Framework (CSF)

We give you a quick tour of the NIST Cybersecurity framework and describe how you can baseline your efforts in a couple of hours. So check it out.

  • 9 min read

What “I Love Lucy” teaches us about SOC performance

A little nerdy (and a lot math-y) post to help you better understand your SOC's systems, so you know how changes will impact its operation. If you’re wondering what “I Love Lucy” has to do with this then read on.

  • 7 min read

How much does it cost to build a 24x7 SOC?

Not all 24x7 SOCs are created equal. To figure out how much it costs to go 24x7, you have to first figure out what kind of SOC you’re trying to build. We outline four possible security operations centers and an estimate of your costs.

  • 5 min read

Managed detection and response (MDR): symptom or solution?

An uncommonly clear review of what managed detection and response (MDR) is, where it came from and what it can/can't do for you.

  • 3 min read

Decoded: new changes to NIST’s Cybersecurity Framework

NIST has polished up their Cybersecurity Framework based on thousands of organizations implementing it over the past three years. Our CISO, Bruce Potter, highlights three of the most significant (and practical) changes.

what is edr
  • 3 min read

What’s endpoint detection and response (EDR) and when should you care?

We cut through the hype to explain what EDR products can do for you.

  • 8 min read

Warning signs that your MSSP isn’t the right fit

Look out for these five indicators that it's probably time to start considering alternatives to your managed security services provider. Plus, questions to ask to avoid these traps.

  • 5 min read

Budget planning: determining your security spend

Guidance and a short list of things you can do to help you answer the common question "how much should I spend on cybersecurity?"

  • 5 min read

How to avoid shelfware

Set yourself up for success by asking these four questions before you purchase new security products.

  • 4 min read

Mistakes to avoid when measuring SOC performance

Discover the three most common mistakes companies make when developing their first set of operational metrics.

Back To Top