
Security operations

  • 5 min read

Making sense of Amazon GuardDuty alerts

If you’re running workloads on AWS, then you’d better be running GuardDuty. But what is it and how can you make sense of all the signals? Here are our pro tips.

  • 5 min read

Better web shell detections with Signal Sciences WAF

Is Signal Sciences WAF part of your tech stack? Then you’ve got an amazing webshell detection method right at your fingertips.

  • 5 min read

MFA is not a silver bullet to secure your cloud email

Think MFA will be your web mail’s knight in shining armor when a crafty attacker strikes? Think again, and do these four things to make sure your org’s protected.

  • 10 min read

Applying the NIST CSF to U.S. election security

NIST isn’t only useful for corporations -- it’s helpful for guiding security activities around processes like our national elections. Our CISO’s got some thoughts on exactly how to apply NIST to election security.

  • 7 min read

Following the CloudTrail: Generating strong AWS security signals with Sumo Logic

Looking to get more or better security signals out of AWS? Then you’ll wanna read our pro tips on making the most of Amazon CloudTrail.

  • 6 min read

Five things law firms can do now to improve their security for tomorrow

Relativity CSO Amanda Fennell shares the top five, easy-to-get-started things she sees forward-thinking law firms doing to improve their security.

  • 8 min read

Our journey to JupyterHub and beyond

If you use or are considering trying JupyterHub, it’s your lucky day -- we’re sharing configuration tips and tricks, how we’re using it to make technical research easier, and much more.

  • 4 min read

3 must-dos when you’re starting a threat hunting program

So you decided you want to build a threat hunting program ... but where do you start? Here are our three must-dos when you’re planning your hunt.

  • 3 min read

Here’s what you need to know about business email compromise (BEC)

How often does a business email compromise actually happen? And what should you do about it? Our infographic answers those questions and more.

  • 6 min read

How to make your org more resilient to common Mac OS attacks

Got Macs in your org? Here are a few recent Mac OS attack trends and how you can become more resilient to ‘em.

  • 8 min read

The top five pitfalls to avoid when implementing SOAR

SOAR isn’t really about “orchestration and response.” It’s an engineering problem at its core. Here’s why.

  • 6 min read

How to find anomalous process relationships in threat hunting

Finding anomalous process relationships -- commands that don’t belong together -- might indicate a problem within your environment. Here’s how to spot ‘em.

  • 5 min read

This is how you should be thinking about cloud security

Your IT team isn’t racking and stacking servers like they used to, but cracking the cloud security code is easier than you think. Get our pro tips for doing just that.

  • 7 min read

How to choose the right security tech for threat hunting

How do you decide which tech to use to carry out your hunt? This post’s got some pro tips for when and how to use different technology for your threat hunting mission.

  • 4 min read

Don’t blow it — 5 ways to make the most of the chance to revamp your security posture

If you’ve got a blank canvas with the opportunity to build a security program from scratch, here’s how to get started and make the most of your new program.

  • 4 min read

NIST’s new framework: Riding the wave of re-imagining privacy

The NIST Privacy Framework will revolutionize how we think about privacy. Here’s how your org might use it.

  • 3 min read

Four habits of highly effective security teams

Practice these habits consistently and you’ll have an engaged, talented and all-around awesome security team.

  • 4 min read

How to get your security tool chest in order when you’re growing like crazy

Need to expand your security tool chest? Our CISO’s got some tips to consider when thinking about what tech to keep or buy.

  • 4 min read

Does your MSSP or MDR provider know how to manage your signals?

How well is your MSSP or MDR going to manage your fleet of security signals over time? Here’s how to figure out whether they’re up for the challenge.

  • 7 min read

How to build a useful (and entertaining) threat emulation exercise for AWS

Want to test your analysts’ detection skills in the cloud? Here are our tips and tricks for building your own threat emulation exercise in AWS.

  • 9 min read

12 ways to tell if your managed security provider won’t suck next year

How can you figure out if the quality of the service you’re about to sign up for will improve over time? Our COO Yanek Korff’s got some tips for making sure you choose a service that’ll last.

  • 4 min read

How to start a cybersecurity program (or restart one that lapsed)

If you're left holding the hot potato of a legacy lackluster security program, or are suddenly forced to protect your org and its data with less, here are a few quick steps to take to get cybersecurity efforts back on track.

  • 3 min read

Three tips for getting started with cloud application security

If you're feeling like your SaaS security knowledge is a bit cloudy, these three pro tips will get you started on the right path.

  • 3 min read

Office 365 security best practices: five things to do right now to keep attackers out

Figuring out how to protect your SaaS infrastructure like Office 365 -- especially if you’re newer to cloud -- can feel overwhelming. So here are five Office 365 security best practices to check out right now.

  • 5 min read

Reaching (all the way to) your NIST 800-171 compliance goals

Close common compliance gaps, without building a SOC, for NIST 800-171 security requirements. And a bit about how we can help.

  • 7 min read

Getting a grip on your cloud security strategy

Understanding how to think about cloud security differently is half the battle. We've thought a lot about it, and we’ve identified three key points that should inform your cloud strategy.

  • 12 min read

A common sense approach for assessing third-party risk

Let us walk you through our third-party assessment process. We think it's lightweight but still achieves the objective - determining if a vendor can be trusted.

  • 7 min read

Lessons learned from a CISO’s first 100 days

In this guest post, Amanda Fennell, CSO at Relativity, reflects on what she’s learned.

  • 6 min read

How to identify when you’ve lost control of your SIEM (and how to rein it back in)

See if these four telltale warning signs get your head nodding. If so, learn how to get started on regaining control.

  • 4 min read

What’s new in the NIST Cybersecurity Framework (CSF) v1.1

In case doing a “stare-and-compare” of the original and updated frameworks isn’t your idea of fun, I’ve highlighted three important changes here.

  • 5 min read

What is (cyber) threat hunting and where do you start?

We want to demystify what hunting is and what it’s not. So here goes nothin’ ...

  • 8 min read

How to get started with the NIST Cybersecurity Framework (CSF)

We give you a quick tour of the NIST Cybersecurity framework and describe how you can baseline your efforts in a couple of hours. So check it out.

  • 9 min read

What “I Love Lucy” teaches us about SOC performance

A little nerdy (and a lot math-y) post to help you better understand your SOC's systems, so you know how changes will impact its operation. If you’re wondering what “I Love Lucy” has to do with this then read on.

  • 7 min read

How much does it cost to build a 24x7 SOC?

Not all 24x7 SOCs are created equal. To figure out how much it costs to go 24x7, you have to first figure out what kind of SOC you’re trying to build. We outline four possible security operations centers and an estimate of your costs.

  • 5 min read

Managed detection and response (MDR): symptom or solution?

An uncommonly clear review of what managed detection and response (MDR) is, where it came from and what it can/can't do for you.

  • 3 min read

Decoded: new changes to NIST’s Cybersecurity Framework

NIST has polished up their Cybersecurity Framework based on thousands of organizations implementing it over the past three years. Our CISO, Bruce Potter, highlights three of the most significant (and practical) changes.

  • 3 min read

What’s endpoint detection and response (EDR) and when should you care?

We cut through the hype to explain what EDR products can do for you.

  • 8 min read

Warning signs that your MSSP isn’t the right fit

Look out for these five indicators that it's probably time to start considering alternatives to your managed security services provider. Plus, questions to ask to avoid these traps.

  • 5 min read

Budget planning: determining your security spend

Guidance and a short list of things you can do to help you answer the common question "how much should I spend on cybersecurity?"

  • 5 min read

How to avoid shelfware

Set yourself up for success by asking these four questions before you purchase new security products.

  • 4 min read

Mistakes to avoid when measuring SOC performance

Discover the three most common mistakes companies make when developing their first set of operational metrics.
