Endpoint Security Part 5: How to set up an automated isolation workflow when malware is detected

Cyber Security Automation

In this continuing series on endpoint security protections I’ll be showing you how to fully automate host isolation using ‘Tines’ and ‘Elastic’. This article assumes you are familiar with using Elastic SIEM and have some exposure to Tines. Tines is a smart automation workflow solution that I came across last year. What I like about…


Endpoint Security Part 3: How to correlate threat intelligence

Endpoint Security Part 3: Threat Intelligence

Overview: In this third article of a 5-part series on ‘Endpoint Security’ I’m going to be showing you how you can incorporate ‘Threat Intelligence’ into your security operations strategy. There has been a lot written about threat intelligence over the last decade, and it has different meanings to people depending on what industry you…


Endpoint Security Part 2: Enriching your security event data

Data enrichment with Elastic

In this second part of the series on ‘Endpoint Security’ I’m going to delve into how you can enrich your security event data to provide further context to assist your security analysts when investigating incidents. In this example we will pick up where we left off in ‘Endpoint Security Part 1’, and so if you were following the…


Cyber Resilience – Are you prepared?

Cyber Resilience : Are you prepared?

In this 4 min video clip, I share my top 5 practical strategies that you should be adopting as an organisation to remain cyber resilient. Whilst there is no silver bullet these should reduce risk and keep you safe from cyber crime attacks such as ransomware.


Everything you need to know about IRAP

IRAP

Introduction: In this article I will take you through everything you need to know about an IRAP assessment and how to successfully achieve IRAP Accreditation; what it is, what’s involved, why it’s important and a checklist of things you will need to do to kick start your IRAP journey. What is the Information Security…
