Ransomware Detection Using Machine Learning

Gone are the days of manual security analysis that cyber security teams used to perform to track down and stop ransomware attacks.

Due to the vast amount of data that is being generated every minute of every day, it has become impossible to rely on a few cyber security professionals to stop ransomware attacks without significant assistance from automated security tools.


How to Detect Ransomware Early

The proliferation of ransomware attacks in the past decade has brought many challenges to companies and cyber security teams worldwide. What started as simple ransomware attacks that a knowledgeable person could reverse has now exploded into a large industry, with attackers reaping large profits from advanced forms of ransomware that are impossible to reverse.


CSOC Analysts Cybersecurity Toolkit Arsenal

It is safe to say that organizations worldwide have different infrastructure setups, technology, software, and network architecture types. No matter how diverse these organizations are, they have one thing in common: a CSOC analyst who is watching over their infrastructure.

A Cyber Security Operation Center, or CSOC, is made up of a team of cyber security analysts whose responsibilities are fully dedicated to hunting for vulnerabilities and indicators of compromise, and to investigating incidents and alarms generated by SIEM, XDR and other security monitoring platforms and tools.


Deep-dive into Azure Sentinel – Part 1 – Introduction to Sentinel as a SIEM

You might have heard of North Sentinel Island in the middle of the Bay of Bengal, which hosts the most isolated tribe in the world. Despite several attempts to break in or contact the island, it has always been defended violently by the natives, and the island still remains untouched. It is considered to be one of the most secure places on planet Earth, guarded both by the local tribes and the government. When it came to naming the most powerful weapon in the Azure cloud security arsenal, Microsoft chose the right name for it: Azure Sentinel.


Ransomware Incident Response Plan – Part 2

Ransomware was and still is one of the most dangerous attacks, one that can cause catastrophic consequences to the endpoint system if not responded to properly. The following article was created specifically to prepare incident response teams for this particular attack, but it is also excellent general guidance for anyone who would like a clear, step-by-step approach to preparing for, identifying, containing, remediating and recovering from ransomware attacks.


Ransomware Incident Response Plan – Part 1

Ransomware was and still is one of the most dangerous attacks, one that can cause catastrophic consequences to the endpoint system if not responded to properly. The following article was created specifically to prepare incident response teams for this particular attack, but it is also excellent general guidance for anyone who would like a clear, step-by-step approach to preparing for, identifying, containing, remediating and recovering from ransomware attacks.



CONTACT US

We welcome you to contact us for more information about HAWKEYE - SOC As A Service.