Latest articles from SOCRadar
What is web skimming? The web skimming attack, also referred to as online card skimming, steals credit card or payment information from a website’s visitors when they make purchases or reservations. To achieve this,… Continue Reading
To block the attack vector, you need to know how an attacker thinks. The same idea applies to organizations that want to prevent cybercrimes. The consequences of a cyber attack can be devastating in terms… Continue Reading
The need to protect corporate data from increasing cyberattacks continues to be the top priority of every organization. One of the most important ways to increase your company’s cybersecurity is to use digital certificates. Digital… Continue Reading
Data centers are physical facilities designed to support your business applications, AI activities, file sharing, communications and collaboration services, and many more. They contain servers, storage systems, routers, firewalls, and other components which are crucial… Continue Reading
The term Tools, Techniques and Procedures (TTPs) refers to a method used to evaluate cyber activity or to identify a particular threat actor. According to Optiv’s 2020 Cyber Threat Intelligence Estimate Report, relevant… Continue Reading
The SOC is the information security department that continually tracks, analyzes, and enhances the security situation of an enterprise. The goal of the SOC team is, using technological solutions and powerful process management, to identify,… Continue Reading
Subdomains are critical assets of your software applications and server infrastructure. They contain numerous details that can be useful to threat actors as a way into your system. In essence, a subdomain is simply an… Continue Reading
SOC teams have to monitor, analyze, and manage the great volumes of warnings and alerts created by the networks. It takes too long to go over and investigate these warnings and alerts. Too much alert… Continue Reading
External attack surface management (ASM) is the process of discovering, listing, classifying, analyzing, prioritizing, and monitoring all information that can be collected on the internet and informing your organization about sensitive data by searching external… Continue Reading
Threat Intelligence plays a key role in providing the relevant intelligence for companies to help them carry out protective measures and keep their confidentiality. This makes it a promising career path for cyber security enthusiasts.… Continue Reading
The information provided by threat intelligence makes a significant contribution to various business decisions in organizations. The information presented to the organization from an outside perspective is important to require action in internal… Continue Reading
Founded in 1958, MITRE is a non-profit company whose mission is to solve problems for a safer world. A new curated knowledge base, known as MITRE ATT&CK, which stands for adversarial tactics, techniques, and… Continue Reading
There are a few standards and formats for timely and more effective exchange of sensitive intelligence, and Traffic Light Protocol, better known as TLP, is one of them. In other words, TLP is a comprehensive… Continue Reading
Open Source Intelligence, better known as OSINT, is a technology that refers to publicly available and open sources of information (as opposed to covert or secret sources) used in connection with intelligence. OSINT is information that… Continue Reading
For a better security posture, you need to be aware of what is going on around your industry vector and not just around your company. Thousands of breaches and millions of attacks can occur every… Continue Reading
For better security functioning, all organizations need reliable and real-time cyber threat intelligence. Producing threat intelligence is a complex process that goes through a five-stage cycle. We have previously written a blog explaining each… Continue Reading
Real-time and reliable cyber threat intelligence is essential for the security functions of organizations. It is leveraged by organizations of different sizes to understand adversary behavior and stay prepared for emerging threats. Producing it is… Continue Reading
Data. Information. Intelligence. Often confused by people, these very different terms cannot be used interchangeably, but they are tightly connected with each other. The order goes like this: Data is collected, then assembled into… Continue Reading
GitHub is a standard when it comes to sharing code among developers. It is the most essential platform used by developers in every company, and despite the broad usage, there are still bad practices made… Continue Reading
The deep web is the underground of the whole web. Accessing it is not very difficult, but you need to follow some basic steps in order to retain your privacy. We previously wrote a blog… Continue Reading