MITRE’s Attacker Tactics, Techniques, and Common Knowledge (ATT&CK) framework is a powerful tool for improving cyber defense by creating a smarter security operations center (SOC). 




Why Putting Procedures in Place to Detect & Respond Quickly to Attacks Is as Important as Threat Prevention

CyberNews interviewed our CEO, Tony Velleca about cybersecurity, threats, and security...




Infosec Europe is coming up after a two-year COVID break! Running June 21–23 at ExCeL, London, Infosec is a wonderful opportunity to see how the industry has progressed and learn about emerging...




Curious what it’s like to work for an advanced Managed Detection & Response cybersecurity company like CyberProof?




Our recent virtual SOC Masterclass – held in collaboration with Microsoft – focused on cloud security transformation and was designed to inspire and upskill security operations leaders to...




Leading technology research firm Forrester released an infographic summarizing the key data collected from customers and vendors about the Managed Detection & Response (MDR) market.




Making sense of an overwhelming amount of data is one of the biggest challenges of any Security Operations Center (SOC). It’s complicated to digest millions of different appliance logs and events –...




The violation of personal security via mobile devices has come to the forefront in recent months, through the actions of government agencies and commercial organizations that “listen in” to our...




This week, security researchers shared a deep-dive analysis of an advanced wiper that was leveraged to wipe Viasat’s satellite communication modems in Ukraine. In addition, Google’s threat analysis...




Over the past week, researchers detected some new campaigns being employed against Ukrainian organizations as part of the ongoing conflict between Russia and Ukraine. These include a phishing...




How does threat hunting help enterprises maintain a more effective cyber security strategy and respond to threats more effectively? What is it about threat hunting activities that measurably reduce...




The war between Russia and Ukraine is taking place on all fronts – geopolitical, physical, social, and digital. As the fighting continues, cyber attacks are growing as well, with threat actors of all...




Since the Russian invasion of Ukraine began, cyber warfare between the two countries has escalated, with more and more campaigns, malware strains, and attacks having been observed against a...




In celebration of International Women’s Day on March 8, we’re delighted to bring you a Q&A discussion with two of the stars on CyberProof’s dedicated Threat Hunting team, Shani Touitou and Karina...




Security Operations Center (SOC) teams typically rely on manual processes to obtain the cyber threat intelligence (CTI) information they need. Analysts read CTI reports, sent at weekly or monthly...




Data exfiltration is a tactic that allows cyber attackers to steal sensitive data and extract it outside of the organization. The MITRE ATT&CK framework defines nine different techniques and eight...




CyberProof’s CTI team conducted an in-depth analysis of ransomware attacks launched by major ransomware operators in 2021. We documented the Tactics, Techniques, and Procedures (TTPs) and tools that...




According to Wikipedia, Fear of Missing Out (FOMO) is the “feeling of apprehension that one is either not in the know or missing out on information, events, experiences, or life decisions that could...




CyberProof’s latest report, the 2022 Cyber Defenders Playbook, provides insight into how to implement effective Security Operations Center (SOC) procedures, by illustrating CyberProof’s collaborative...




CyberProof’s Cyber Threat Intelligence (CTI) team performed an analysis of the most dangerous countries in 2021. We conducted research to identify the most common origins of cyber attacks, basing our...




As a product marketer myself, I’m familiar with the sort of techniques that are used to market a product and attract a target audience. As a cybersecurity product marketer, it’s even more interesting...




With security analysts acting as the front line of cyber security defense, it’s paramount to maintain vigilance and team morale. So how can you ensure continuous development and retention of your...




CyberProof’s team was focused over the weekend on providing information and updates necessary to protect our clients from a new, critical remote code execution (RCE) zero-day exploit for Apache Log4j...




Black Friday is one of the most active times of the year for online consumers, which means that it is also a particularly lucrative season for cyber criminals. Just as in previous years, these cyber...




This month’s CyberProof SOC Masterclass attracted SOC Leaders, Engineers, CISOs, and Security Analysts. Our 2-day event covered a range of topics designed to upskill security operations leaders, who...




CyberProof and SANS have partnered to provide this year’s SANS Institute SOC Survey – a report that provides security leaders with insight about key trends adopted by Security Operations Centers...




As consumers throughout India rush to do last-minute shopping for Diwali, retailers have good reason for concern. Amid the preparations for the fireworks, candle-lighting and family gatherings, a...




Basic Authentication, as its name suggests, is the most basic authentication protocol – providing a User-Password form of authentication without any additional, more advanced type of identity...




Cloud computing offers a wide range of benefits – from low infrastructure & maintenance costs and scalability to better performance and flexibility. Yet, those rushing to the cloud without the right...




Part 2 of 2

In part 1 of this blog we discussed how building a use case package requires specific skills – from building effective cyber security threat detection rules in the SIEM to defining robust...




Part 1 of 2

This is part 1 of a 2-part post about the Use Case Factory. If you’d like more in-depth information about the use case process itself, see part 2.




To be competitive and support business growth, organizations relying on Operational Technology (OT) ecosystems must adopt new technologies – integrating innovations & enhancements with legacy systems...




Threat actors utilize a wide variety of tactics and tools to gain access to a target network – frequently using the network’s endpoints as entry points to reach the organization’s “crown jewels.”...




Potentially Unwanted Programs (PUPs) – also known as Potentially Unwanted Applications (PUAs) – often come installed with freeware. Commonly referred to as junkware, bundleware, or adware, PUPs are...




The steep cost of data processing in Azure Sentinel – a crucial component of Managed Detection & Response (MDR) – poses a challenge for many large organizations that struggle to maintain effective...




We’re delighted to have had the opportunity to present at InfoSecurity Europe 2021! Jaimon Thomas, Global Head, Security Solutions at CyberProof, and Sinu Peter, Principal Security Architect,...




As migration to the cloud is increasing, so is the number and complexity of threats targeting the cloud. Security operations are evolving and need to accommodate these new threats alongside existing...




“To a great mind, nothing is little” remarked Sherlock Holmes, describing the process of one of his investigations. Reading through Holmes’ quotes, one can easily identify a connection between...




There is no doubt that the COVID-19 pandemic made rapid, wide-ranging changes to where and how we work. But are these changes permanent or will things revert to the way they were – once a vaccine is...




Cyber extortion is when an individual or group obtains access to an individual’s systems or an organization’s systems using various malware techniques and encrypts their files, blocking access – or...




The adoption of Microsoft’s Office 365 collaboration and email platform became much more widespread this year. In part, the switch is due to the phenomenon of Work from Home (WFH) – a practice that...




Treating patients is not the only thing that hospitals and other healthcare providers need to worry about.




Hundreds and even thousands of popular browser extensions are available that support a variety of useful functions, from ad blocking and cookie management to text translation, grammar correction, and...




International Women’s Day provided a rare opportunity to openly and honestly probe some of the challenges and opportunities for women of diverse backgrounds and cultures to build a career in cyber...




Wargaming is a unique and effective means of testing cyber readiness – by improving an organization’s ability to effectively handle real cyber attacks using planned attack simulations and practicing...




It seems that a day doesn’t go by without another cyber breach catching the news headlines. As cyber threats of all types continue to increase – growing in number and sophistication – organizations...




This is the second part of a 2-part series. To see part 1, click here




Organizations in the Financial Services (FS) industry face a wide range of threats – from supply chain risk and identity theft to online fraud and data manipulation.