Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

3 Ways to Reduce Your Security Operations Centre Costs

A typical security operations centre (SOC) has three core costs: People, data and tools. The total cost of these will vary dramatically based on factors like how many endpoints and users are in your environment and the number of SOC team members you need. Various SOC cost calculators available online put the cost of building a SOC for a 1000-user environment at upwards of £2 million per annum.

Solving False Positive EDR Alerts

Endpoint Detection and Response (EDR) alerts are what happens when an EDR system decides that event data from an agent installed on an endpoint, or several endpoints, shows a potential threat. This doesn’t mean that every EDR alert is a malicious event in progress. Many are “false positives” or malicious behaviour that is actually not a threat.

2 (Realistic) Ways to Leverage AI In Cybersecurity

If you had to choose a security measure that would make the most difference to your cyber program right now, what would it be? Maybe you’d like to get another person on your team? Someone who is a skilled analyst, happy to do routine work and incredibly reliable. Or perhaps you’d prefer an investment that would give your existing team members back more of their time without compromising your ability to find and fix threats? What about human intelligence without human limitations?

Featured Post

Challenges in Securing Cloud Workloads

Cloud computing is nothing new in 2023, but is certainly still a growth piece of technology infrastructure, and one upon which many organisations work to build their IT infrastructure, whether across one cloud provider such as the market leaders AWS, or, increasingly, around a multi-cloud strategy across several providers, and some public cloud offerings.

Threat Detection In 2023 Is Broken. Here's How to Fix It

Why have cyber incidents topped the Allianz Risk Barometer for the last two years in a row? Growing attack surfaces are partly responsible. Remote work, cloud migration, IoT use and other trends give cyber threats more places to enter and hide within networks. But there is another cause – deficiencies in the standard approach to threat detection and response.

Plugging the Cybersecurity Visibility Gap

Is this suspicious network activity alert actually a sign of intrusion, or just another false positive? As the cybersecurity visibility gap widens, anyone who works in a security operations centre (SOC) is likely to ask themselves and their colleagues this question on a regular basis. Unfortunately, as analysts know, answering it is rarely straightforward.

Supercharge Microsoft Sentinel SIEM with SenseOn

Security information and event management (SIEM) solutions like Microsoft Sentinel SIEM are at the heart of most security operations teams. But like any SIEM, while Microsoft Sentinel can be an incredible tool for centralising security data, it also risks being expensive and ineffective. In a recent webinar I discuss these problems and how SenseOn can help supercharge Azure Sentinel. You can now watch this webinar anytime online.

4 SIEM Augmentation Tools and Why You Need Them

Security information and event management (SIEM) tools do a huge amount of security heavy lifting. A central record of millions of events, security operation centres (SOCs) rely on SIEMs for everything from compliance to threat detection and response. But as anyone who has ever worked in a SOC will testify, SIEMs have blindspots and problems—lots of them (Read our Head of Technology, Brad Freeman’s account of using a SIEM).

How SenseOn supports compliance

SenseOn helps organisations improve their security posture and provides the technical capability to meet many of the requirements of common cybersecurity standards. Globally, we have customers who have achieved compliance with ISO 27001, PCI DSS, SOC 2, CIS Top 18, HIPAA, GDPR, and more. This article addresses the most common standards and highlights how SenseOn can help.

Network Detection and Response Tools for Remote Working

Remote workforces need network detection and response tools (NDR), but deploying an NDR that works with remote and hybrid environments is another story. Most NDRs are designed for on-premises networks. Unfortunately, that couldn’t be further from what the typical modern environment looks like.