Latest articles from SOCRadar
External attack surface management (ASM) is the process of discovering, listing, classifying, analyzing, prioritizing, and monitoring all information that can be collected on the internet and informing your organization about sensitive data by searching external… Continue Reading
Threat Intelligence plays a key role in providing the relevant intelligence for companies to help them carry out protective measures and keep their confidentiality. This makes it a promising career path for cyber security enthusiasts.… Continue Reading
The information provided by the threat intelligence, it makes a significant contribution to various business decisions in organizations. The information presented to the organization from an outside perspective is important to require action in internal… Continue Reading
Founded in 1958, MITRE is a non-profit company whose mission is to solve the problem of a safer world. A new curated knowledge base, known as MITRE ATT&CK, which stands for adversarial tactics, techniques, and… Continue Reading
There are a few standards and formats for timely and more effective exchange of sensitive intelligence, and Traffic Light Protocol, better known as TLP, is one of them. In other words, TLP is a comprehensive… Continue Reading
Open Source Intelligence, better known as OSINT, is a technology that refers publicly available and open sources of information (as opposed to covert or secret sources) used in connection with intelligence. OSINT is information that… Continue Reading
For a better security posture, you need to be aware of what is going on around your industry vector and not just around your company. Thousands of breaches and millions of attacks can occur every… Continue Reading
For better security functioning, all organizations need reliable but also real-time cyber threat intelligence. Producing threat intelligence is a complex process and goes through a 5-staged cycle. We have previously written a blog explaining each… Continue Reading
Real-time and reliable cyber threat intelligence is essential for the security functions of organizations. It is leveraged by organizations of different sizes to understand adversary behavior and stay prepared for emerging threats. Producing it is… Continue Reading
Data. Information. Intelligence. Oftentimes confused by people, these very different terms can not be used interchangeably but have a tight connection between each other. The order goes like this: Data is collected, then assembled into… Continue Reading
GitHub is a standard when it comes to sharing code among developers. It is the most essential platform used by developers in every company, and despite the broad usage, there are still bad practices made… Continue Reading
The deep web is the underground of the whole web. Accessing it is not quite difficult, but you need to follow some basic steps in order to retain your privacy. We previously wrote a blog… Continue Reading
You have definitely heard there is a deep side to the internet where not everyone can access it. That is considered by many as hazardous and even illegal. We have prepared this blog post to… Continue Reading
In part 1 of this blog series, we discussed a few popular osint tools that help developer’s find leaked information from their GitHub projects: GitGrabber, GitLeaks, Gitminer, Gitrob. In this part, we will continue with… Continue Reading
Back in the time when there was no Github, developers used to share codes in local servers of the company, or even with flash drives. But imagine you are out of the company’s LAN and… Continue Reading
Zoom Video Communications Inc.’s video conferencing app, has seen booming popularity since COVID-19 outbreaks began in January 2020. Zoom usage rose after lockdowns with corporate office workers, students, millions of people who #stayhome, and even… Continue Reading
With the current COVID-19 pandemic, remote working has become an inevitable option for many organizations. While enterprises have their own well-prepared IT teams, the pandemic has caught small organizations off guard in the security aspect.… Continue Reading
Phishing and domain squatting are commonly used by threat actors to achieve different kinds of goals against an organization. Among these goals are; Stealing personally identifiable information (PII) and selling it on black markets for… Continue Reading
On February 3rd, Microsoft Teams suffered outages following the expiration of one of its SSL certificates. Microsoft’s collaborative Slack-alike, Teams, bundles together a variety of Microsoft applications having over 20 million daily active users. This… Continue Reading
In case of a cybersecurity investment, it's not always possible to satisfy the board by repeatedly saying "better safe than sorry". Boards want to witness an understanding of the big-picture involving operations and financials as… Continue Reading
