SOAR Features and User Cases

Organizations are getting bigger and bigger and, because of that a lot of events, activities and data are being generated and triggered, and the scale of these events sometimes reaches to a peak, where analysts are not able to handle them anymore.

Read More

Dark Web and Threat Intelligence (DARKINT)

Security researchers and Cybersecurity professionals have an immense interest in discovering threat intelligence on the deep web and darknet. This intelligence allows organizations to detect block and prevent threats of all kinds—But first, we need to know, what exactly is the deep web and the Dark Web?

Read More

Ransomware Incident Response Plan – Part 2

Ransomware was and still is one of the most dangerous attacks that can cause catastrophic consequences to the endpoint system if not responded properly. The following article is specially created for preparing incident response teams against this particular attack, but it is generally excellent guidance for everyone who would like to have clear and step-by-step approach on how to prepare, identify, contain, remediate and recover from the dangerous attacks of ransomware.

Read More

Ransomware Incident Response Plan – Part 1

Ransomware was and still is one of the most dangerous attacks that can cause catastrophic consequences to the endpoint system if not responded properly. The following article is specially created for preparing incident response teams against this particular attack, but it is generally excellent guidance for everyone who would like to have clear and step-by-step approach on how to prepare, identify, contain, remediate and recover from the dangerous attacks of ransomware.

Read More

Cyber Threat Intelligence and OSINT

We are living in a world where any number of cyber threats can bring an organization to its knees and it can be downright terrifying. Few years ago, threat intelligence first became a new buzzword in cybersecurity. Threat intelligence was not always a concept easily understood by typical IT security professionals.

Read More

Threat Model and Security Considerations For Remote Workers

As the world faces uncertain times, due to the spread of the pandemic COVID19 (coronavirus) outbreak, organizations around the world sent hundreds of thousands of employees to work from their home.

Read More

12 Steps to Secure Your Organization’s Office 365 Accounts Effectively

Recently, our Incident response team at HAWKEYE received a frantic call from one of our clients saying that their o365 email accounts seems to have been hacked. One of their investors received an email from an attacker asking them to transfer a huge amount of money to the client with the bank account details.

Read More

What to Train Your User for Effective Email Security

User’s is the most vulnerable asset for any organization. We can deploy security controls for any other vulnerability, but not user behavior. User ignorance or negligence has always had a high role in any data breaches or financial frauds in most of the reported cases. So, what to train them for effective email security?

Read More

Cyber Threat Management with MITRE ATT&CK – Part 1

Let’s agree on this first, job of a SOC analyst is TOUGH, as tough as finding a needle in a haystack. Threat hunters are mostly presented with thousands of logs and telemetry data every second and are supposed to identify threat adversaries from this pool of information. This is one challenge which can fatigue both the human and machine intelligence.

Read More

Automated Threat Response with SOAR

Earlier, there were very few options available to sneak into an organisation’s network. Today, the ways in which cyber criminals can get into an organisation has dramatically increased. There are multiple vulnerable platforms such as cloud data centers, mobile devices, file sharing platforms, IoT devices and many more that provide uncountable ways that compromise the network security.

Read More


CONTACT US

We welcome you to contact us for more information
about HAWKEYE - SOC As A Service.