AnnouncementCase StudyCheckmarkcustomer-story-iconData Sheethow-to-logoposts
skip to Main Content

Security operations

  • 3 min read

Four habits of highly effective security teams

Practice these habits consistently and you’ll have an engaged, talented and all-around awesome security team.

  • 4 min read

How to get your security tool chest in order when you’re growing like crazy

Need to expand your security tool chest? Our CISO’s got some tips to consider when thinking about what tech to keep or buy.

  • 4 min read

Does your MSSP or MDR provider know how to manage your signals?

How well is your MSSP or MDR going to manage your fleet of security signals over time? Here’s how to figure out whether they’re up for the challenge.

  • 7 min read

How to build a useful (and entertaining) threat emulation exercise for AWS

Want to test your analysts’ detection skills in the cloud? Here are our tips and tricks for building your own threat emulation exercise in AWS.

  • 9 min read

12 ways to tell if your managed security provider won’t suck next year

How can you figure out if the quality of the service you’re about to sign up for will improve over time? Our COO Yanek Korff’s got some tips for making sure you choose a service that’ll last.

  • 4 min read

How to start a cybersecurity program (or restart one that lapsed)

If you're left holding the hot potato of a legacy lackluster security program, or are suddenly forced to protect your org and its data with less, here are a few quick steps to take to get cybersecurity efforts back on track.

  • 3 min read

Three tips for getting started with cloud application security

If you're feeling like your SaaS security knowledge is a bit cloudy, these three pro tips will get you started on the right path.

  • 3 min read

Office 365 security best practices: five things to do right now to keep attackers out

Figuring out how to protect your SaaS infrastructure like Office 365 -- especially if you’re newer to cloud -- can feel overwhelming. So here are five Office 365 security best practices to check out right now.

  • 5 min read

Reaching (all the way to) your NIST 800-171 compliance goals

Close common compliance gaps, without building a SOC, for NIST 800-171 security requirements. And a bit about how we can help.

Cloud security
  • 7 min read

Getting a grip on your cloud security strategy

Understanding how to think about cloud security differently is half the battle. We've thought a lot about it, and we’ve identified three key points that should inform your cloud strategy.

third party assessment
  • 12 min read

A common sense approach for assessing third-party risk

Let us walk you through our third-party assessment process. We think it's lightweight but still achieves the objective - determining if a vendor can be trusted.

  • 7 min read

Lessons learned from a CISO’s first 100 days

In this guest post, Amanda Fennell, CSO at Relativity reflects on what she’s learned.

  • 6 min read

How to identify when you’ve lost control of your SIEM (and how to rein it back in)

See if these four telltale warning signs get your head nodding. If so, learn how to get started on regaining control.

  • 4 min read

What’s new in the NIST Cybersecurity Framework (CSF) v1.1

In case doing a “stare-and-compare” of the original and updated frameworks isn’t your idea of fun, I’ve highlighted three important changes here.

  • 5 min read

What is (cyber) threat hunting and where do you start?

We want to demystify what hunting is and what it’s not. So here goes nothin’ ...

  • 8 min read

How to get started with the NIST Cybersecurity Framework (CSF)

We give you a quick tour of the NIST Cybersecurity framework and describe how you can baseline your efforts in a couple of hours. So check it out.

  • 9 min read

What “I Love Lucy” teaches us about SOC performance

A little nerdy (and a lot math-y) post to help you better understand your SOC's systems, so you know how changes will impact its operation. If you’re wondering what “I Love Lucy” has to do with this then read on.

  • 7 min read

How much does it cost to build a 24x7 SOC?

Not all 24x7 SOCs are created equal. To figure out how much it costs to go 24x7, you have to first figure out what kind of SOC you’re trying to build. We outline four possible security operations centers and an estimate of your costs.

  • 5 min read

Managed detection and response (MDR): symptom or solution?

An uncommonly clear review of what managed detection and response (MDR) is, where it came from and what it can/can't do for you.

  • 3 min read

Decoded: new changes to NIST’s Cybersecurity Framework

NIST has polished up their Cybersecurity Framework based on thousands of organizations implementing it over the past three years. Our CISO, Bruce Potter, highlights three of the most significant (and practical) changes.

what is edr
  • 3 min read

What’s endpoint detection and response (EDR) and when should you care?

We cut through the hype to explain what EDR products can do for you.

  • 8 min read

Warning signs that your MSSP isn’t the right fit

Look out for these five indicators that it's probably time to start considering alternatives to your managed security services provider. Plus, questions to ask to avoid these traps.

  • 5 min read

Budget planning: determining your security spend

Guidance and a short list of things you can do to help you answer the common question "how much should I spend on cybersecurity?"

  • 5 min read

How to avoid shelfware

Set yourself up for success by asking these four questions before you purchase new security products.

  • 4 min read

Mistakes to avoid when measuring SOC performance

Discover the three most common mistakes companies make when developing their first set of operational metrics.

Back To Top