19 Aug 2020

Sticky Post By HAWKEYE Posted in Cyber Security, Cyber Threat Intelligence, Security Operations Center Permalink

Cyber Threat Intelligence and OSINT

Sticky Post By HAWKEYE On August 19, 2020

We are living in a world where any number of cyber threats can bring an organization to its knees and it can be downright terrifying. Few years ago, threat intelligence first became a new buzzword in cybersecurity. Threat intelligence was not always a concept easily understood by typical IT security professionals.

Read More

Cyber Threat Intelligence and OSINT August 19th, 2020HAWKEYE

16 Aug 2020

Sticky Post By HAWKEYE Posted in Cyber Security, Incident Response, Threat Hunting, Threat Modeling Permalink

Threat Model and Security Considerations For Remote Workers

Sticky Post By HAWKEYE On August 16, 2020

As the world faces uncertain times, due to the spread of the pandemic COVID19 (coronavirus) outbreak, organizations around the world sent hundreds of thousands of employees to work from their home.

Read More

Threat Model and Security Considerations For Remote Workers August 16th, 2020HAWKEYE

14 Jun 2020

Sticky Post By HAWKEYE Posted in Cyber Security, Incident Response Permalink

12 Steps to Secure Your Organization’s Office 365 Accounts Effectively

Sticky Post By HAWKEYE On June 14, 2020

Recently, our Incident response team at HAWKEYE received a frantic call from one of our clients saying that their o365 email accounts seems to have been hacked. One of their investors received an email from an attacker asking them to transfer a huge amount of money to the client with the bank account details.

Read More

12 Steps to Secure Your Organization’s Office 365 Accounts Effectively June 14th, 2020HAWKEYE

09 Jun 2020

Sticky Post By HAWKEYE Posted in Email Security Permalink

What to Train Your User for Effective Email Security

Sticky Post By HAWKEYE On June 9, 2020

User’s is the most vulnerable asset for any organization. We can deploy security controls for any other vulnerability, but not user behavior. User ignorance or negligence has always had a high role in any data breaches or financial frauds in most of the reported cases. So, what to train them for effective email security?

Read More

What to Train Your User for Effective Email Security June 9th, 2020HAWKEYE

01 Jun 2020

Sticky Post By HAWKEYE Posted in Cyber Security, Cyber Threat Management, Managed Security Services, Managed SOC Services, Security Operations Center Permalink

Cyber Threat Management with MITRE ATT&CK – Part 1

Sticky Post By HAWKEYE On June 1, 2020

Let’s agree on this first, job of a SOC analyst is TOUGH, as tough as finding a needle in a haystack. Threat hunters are mostly presented with thousands of logs and telemetry data every second and are supposed to identify threat adversaries from this pool of information. This is one challenge which can fatigue both the human and machine intelligence.

Read More

Cyber Threat Management with MITRE ATT&CK – Part 1 June 1st, 2020HAWKEYE

11 May 2020

Sticky Post By HAWKEYE Posted in Cyber Security, Security Orchestration Permalink

Automated Threat Response with SOAR

Sticky Post By HAWKEYE On May 11, 2020

Earlier, there were very few options available to sneak into an organisation’s network. Today, the ways in which cyber criminals can get into an organisation has dramatically increased. There are multiple vulnerable platforms such as cloud data centers, mobile devices, file sharing platforms, IoT devices and many more that provide uncountable ways that compromise the network security.

Read More

Automated Threat Response with SOAR May 11th, 2020HAWKEYE

12 Apr 2020

Sticky Post By HAWKEYE Posted in Cyber Security Permalink

Pandemic COVID-19 Outbreak – Cyber Security Implications

Sticky Post By HAWKEYE On April 12, 2020

As the world is trying to deal with the coronavirus pandemic, it seems hackers, fraudsters, and spammers; all flourish and they are not on lockdown. The situation has proven to be a blessing for them. The attackers find new ways to take advantage of the human fear and to target victims with scams or malware campaigns.

Read More

Pandemic COVID-19 Outbreak – Cyber Security Implications April 12th, 2020HAWKEYE

24 Sep 2019

Sticky Post By HAWKEYE Posted in Managed Security Services, Managed SOC Services, Security Operations Center Permalink

What is SOC beyond a Monitoring Center?

Sticky Post By HAWKEYE On September 24, 2019

Managed SOC / CSOC (aka Cyber Security Operations Center) is often regarded as the workplace where the nerdy information security professionals spend their time in. Actually, its more than just a physical workplace with many more dimensions to it. So, let’s see what makes a monitoring center with screens and eyes a SOC.

Read More

What is SOC beyond a Monitoring Center? November 3rd, 2019HAWKEYE

17 Sep 2019

Sticky Post By HAWKEYE Posted in Managed Security Services, Managed SOC Services, Security Operations Center, Threat Hunting Permalink

The Basics of Threat Hunting

Sticky Post By HAWKEYE On September 17, 2019

Forms of threat hunt

The truth is that threat hunt end goal plays an important role in the whole classification of the type of the hunt. Hunt events start with a concrete goal to discover specific actors—which classifies this type of hunt as a threat focused. Likewise, an environmental hunt engagement focused on learning a particular subset of the overall environment from a technical angle. Classifying the type of a threat hunt is as essential as the type of threat hunt changes the TTP and data sources required to conduct the hunt. A hunt might also start as an environmental hunt and might change into a threat-focused hunt as any malicious activity be discovered.

Read More

The Basics of Threat Hunting November 3rd, 2019HAWKEYE

30 Jun 2019

Sticky Post By HAWKEYE Posted in Managed Security Services, Managed SOC Services, Security Operations Center, Threat Hunting, Threat Modeling Permalink

A Threat Hunt tale

Sticky Post By HAWKEYE On June 30, 2019

The human domain is complex and unpredictable, and as a result the logic behind certain behaviors are also complex. The problem that many detection systems try to resolve is the automated detection of these complex behavior actions. Some of the actions are obvious (i.e. ports scan), but others are less detectable, particularly when is coming from the internal network such as valid credentials used for wrong purposes.

To make the issue a little more difficult, not all analysts use the same techniques or methods to achieve their goals. For example, a nation state actor could have a set of known techniques tactics and procedures (TTPs) that could potentially be detected. If the TTPs changed, what new course of actions would the analyst take? Or even more frustrating, what if an insider was operating in the grounds of a company policy to steal data? The detection line grows and might even be non-existent in the case of an insider leaking information until the damage is done.

Read More

A Threat Hunt tale November 3rd, 2019HAWKEYE