Using Windows Event Forwarding for Centralized Windows Monitoring – Part 3
Reading security logs requires a higher level of permission than other logs. Below are the steps to configure the right […]
Using Windows Event Forwarding for Centralized Windows Monitoring – Part 2
From a security perspective, generally, it would be better to allow communication from user segments to outside rather than from […]
Using Windows Event Forwarding for Centralized Windows Monitoring – Part 1
Staying on top of cyber threats in your environment could be challenging even with a lot of protective measures in […]
Deep-dive into Azure Sentinel – Part 2 – Data Collection and Processing
From our experience in deploying various SIEM platforms, we would rank Azure Sentinel number one when it comes to the […]
Deep-dive into Azure Sentinel – Part 1 – Introduction to Sentinel as a SIEM
You might have heard of North Sentinel Island in the middle of the Bay of Bengal, which hosts the most […]
SOAR Features and Use Cases
Organizations are getting bigger and bigger and, because of that, a lot of events, activities and data are being generated […]
Dark Web and Threat Intelligence (DARKINT)
Security researchers and cybersecurity professionals have an immense interest in discovering threat intelligence on the deep web and darknet. This […]
Ransomware Incident Response Plan – Part 2
Ransomware was and still is one of the most dangerous attacks that can cause catastrophic consequences to the endpoint system […]
Ransomware Incident Response Plan – Part 1
Ransomware was and still is one of the most dangerous attacks that can cause catastrophic consequences to the endpoint system […]
Cyber Threat Intelligence and OSINT
We are living in a world where any number of cyber threats can bring an organization to its knees and […]
Threat Model and Security Considerations For Remote Workers
As the world faces uncertain times due to the spread of the COVID-19 (coronavirus) pandemic, organizations around the world […]
12 Steps to Secure Your Organization’s Office 365 Accounts Effectively
Recently, our incident response team at HAWKEYE received a frantic call from one of our clients saying that their O365 […]
What to Train Your Users on for Effective Email Security
Users are the most vulnerable asset of any organization. We can deploy security controls for any other vulnerability, but not […]
Cyber Threat Management with MITRE ATT&CK – Part 1
Let’s agree on this first: the job of a SOC analyst is TOUGH, as tough as finding a needle in a […]
Automated Threat Response with SOAR
Earlier, there were very few options available for sneaking into an organisation’s network. Today, the ways in which cyber criminals […]
Pandemic COVID-19 Outbreak – Cyber Security Implications
As the world is trying to deal with the coronavirus pandemic, it seems hackers, fraudsters, and spammers all flourish and […]
What is SOC beyond a Monitoring Center?
A managed SOC / CSOC (aka Cyber Security Operations Center) is often regarded as the workplace where the nerdy information security […]
The Basics of Threat Hunting
Forms of Threat Hunt: The truth is that the end goal of a threat hunt plays an important role in the whole classification […]
A Threat Hunt Tale
The human domain is complex and unpredictable, and as a result the logic behind certain behaviors is also complex. The […]
Threat Modeling Recipe for a State-of-the-Art SOC
Today, every security expert agrees that we are in the middle of a cyber war, walking right across a mine […]