Deep-dive into Azure Sentinel – Part 2 – Data Collection and Processing

From our experience in deploying various SIEM platforms, we would rank Azure Sentinel number one when it comes to the variety of data collection options it provides. Virtually any log source and type of data can be ingested into Azure Sentinel with the different options it provides.

Deep-dive into Azure Sentinel – Part 1 – Introduction to Sentinel as a SIEM

You might have heard of North Sentinel Island in the middle of the Bay of Bengal, which hosts the most isolated tribe in the world. Despite several attempts to break in or contact the island, it was always defended violently by the natives, and the island still remains untouched. It is considered to be one of the most secure places on planet Earth, guarded both by the local tribes and the government. When it came to naming the most powerful weapon in the Azure cloud security arsenal, Microsoft chose the right name for it: Azure Sentinel.

SOAR Features and Use Cases

Organizations are getting bigger and bigger, and because of that a lot of events, activities and data are being generated and triggered. The scale of these events sometimes reaches a peak where analysts are not able to handle them anymore.

Dark Web and Threat Intelligence (DARKINT)

Security researchers and cybersecurity professionals have an immense interest in discovering threat intelligence on the deep web and darknet. This intelligence allows organizations to detect, block and prevent threats of all kinds. But first, we need to know: what exactly are the deep web and the dark web?

Ransomware Incident Response Plan – Part 2

Ransomware was and still is one of the most dangerous attacks, one that can cause catastrophic consequences to the endpoint system if not responded to properly. The following article is specially created for preparing incident response teams against this particular attack, but it is generally excellent guidance for everyone who would like to have a clear, step-by-step approach on how to prepare for, identify, contain, remediate and recover from the dangerous attacks of ransomware.

Ransomware Incident Response Plan – Part 1

Ransomware was and still is one of the most dangerous attacks, one that can cause catastrophic consequences to the endpoint system if not responded to properly. The following article is specially created for preparing incident response teams against this particular attack, but it is generally excellent guidance for everyone who would like to have a clear, step-by-step approach on how to prepare for, identify, contain, remediate and recover from the dangerous attacks of ransomware.

Cyber Threat Intelligence and OSINT

We are living in a world where any number of cyber threats can bring an organization to its knees, and it can be downright terrifying. A few years ago, threat intelligence first became a new buzzword in cybersecurity. Threat intelligence was not always a concept easily understood by typical IT security professionals.

Threat Model and Security Considerations For Remote Workers

As the world faces uncertain times due to the COVID-19 (coronavirus) pandemic, organizations around the world have sent hundreds of thousands of employees to work from home.

12 Steps to Secure Your Organization’s Office 365 Accounts Effectively

Recently, our incident response team at HAWKEYE received a frantic call from one of our clients saying that their O365 email accounts seemed to have been hacked. One of their investors had received an email from an attacker asking them to transfer a huge amount of money to the client with the bank account details.

What to Train Your User for Effective Email Security

Users are the most vulnerable asset for any organization. We can deploy security controls for any other vulnerability, but not for user behavior. User ignorance or negligence has played a large role in data breaches and financial frauds in most of the reported cases. So, what should we train them on for effective email security?
