SOCVue ROI Calculator
Welcome to the Cygilant Blog

Why Your Cyber Incident Response Matters

Posted by Trevan Marden on Mar 9, 2018

Cyber attacks frequently target personal and business data and it is critical to respond quickly to minimize the damage should a breach occur. Cyber incident response includes those plans and activities undertaken to identify, investigate, remediate, and assess damage and prevent further damage. It’s important for organizations to have a well-thought-out cyber incident response plan that includes detailed blueprints of the activities and owners for how your organization will respond to a security incident.

Creating SIEM Alerts To Detect Attacks

Posted by Cygilant Labs on Feb 13, 2018

A good portion of the security research done at Cygilant is done around alerting. For us, an alert occurs when a data point in a log message contains a value we were waiting to see. These data points are usually values such as: IP addresses, authentication statuses, network protocols or error codes, for example. This work is ongoing because there are continually new and better ways to determine if something unique or nefarious is occurring on systems. The log messages we parse come from devices and applications that are deployed within the environment and are commonly referred to as SIEM (security information and event management) data. Most of the hardware and software you are familiar with produce SIEM data which makes it useful determining what is happening on the systems you are monitoring.

Five Steps for an Effective Incident Response Plan

Posted by Trevan Marden on Dec 1, 2017

In today’s world of massive data breaches and constant cyberattacks, it’s important to stay vigilant and have a solid Incident Response Plan in place to identify and mitigate potential security incidents. Here are five important steps to have covered in your plan.

The 3 Secrets of Better Security Ticket Management

Posted by Lydia Dwyer on Aug 3, 2017

Love them and hate them, tickets are an essential task management tool in tech industry. For many IT professionals ticket management can feel a bit like trying to defeat the Hydra; close one ticket and three more replace it.

Subscribe to Email Updates

Experience how Cygilant SOCVue and 24x7 GSOC Team can help detect threats, prioritize vulnerabilities and apply patches.

Evaluate Cygilant Services at no cost during the trial period.

SOCVue Free Trial

Most Popular Posts

Posts by Topic

See All