Synchronize siloed security services with ConnectWise

MSPs & ConnectWise: ConnectWise Manage is a popular professional services automation (PSA) software that MSPs (managed service providers) use to manage the services they offer. It covers many aspects of running an MSP, including sales, marketing, contract management, finance, projects, and tickets, all in one place. As more and more MSPs start offering cybersecurity services, a few things may

Create vulnerability summary report using Power BI

A vulnerability scanner enables organizations to monitor their networks, systems, and applications for security vulnerabilities. Most security teams utilize vulnerability scanners to find weaknesses in their environment and make sure preventive actions are taken properly beforehand. The number of vulnerabilities in IT systems is growing fast every day. Over 8,000 vulnerabilities are reported in Q1

Prevent Email Spoofing with SPF, DKIM and DMARC

Email spoofing is one of the common techniques used in phishing attacks. Using different techniques, attackers trick users into thinking an email is from a legitimate party. To combat email spoofing, a few mechanisms have been invented, namely DMARC, DKIM, and SPF. However, the terms are often confusing. In this blog, we will

6 things you should include in your client security dashboard

Client dashboards and reports are important to the community and the business value. When creating such metrics and dashboards, what strategy can maximize your value? What kind of metrics should you include in your dashboard? Typically the report is sent to a manager at your client, so the information has to be

Risk based Alerting

Security operations centers (SOCs) are incredibly noisy places. They experience hundreds of thousands of security alerts daily. 1% are urgent and very likely to be true attacks. 30% of alerts are false positives. The remaining 69% are either informational, nonactionable, or take time to completely identify as false positives or true positives. Either tweaking

Eight factors you should evaluate when prioritizing security alerts

Quantifying and scoring individual security alerts is important for security teams to effectively prioritize security tasks. A common scoring mechanism is the Common Vulnerability Scoring System (CVSS). It is an open framework for communicating the characteristics and severity of software vulnerabilities, owned and managed by FIRST.Org. NIST publishes the Base metrics in the National Vulnerability Database

Start detecting Leaked Secrets on Darkweb in 10 minutes

The deep web, also known as the dark web, is a part of the internet that is not indexed by search engines and is therefore not accessible to most users. It is often associated with illegal activities, such as the sale of drugs and weapons, and is therefore sometimes referred to as the “dark side”

Open ports? Detect and respond with automation!

Hackers are constantly scanning networks and trying to get in through vulnerabilities exposed on open ports. Therefore, it is important to understand which ports are open within your network and how to deal with them. Some ports must be open to provide services and some are needed

Cybersec Cheat Sheets

Shortcuts and hotkeys are powerful techniques for improving efficiency in daily security operations. However, it is hard to remember them all unless you use the applications all day. Here is a curated list of cheat sheets for many popular technologies in our cybersecurity space. We did not create them. Credit goes to the authors

Create a Red and Blue Team HomeLab

A SOC team usually has a red team and a blue team. It is always a good idea to practice TTPs (techniques, tactics, procedures) and generate IOCs so that you can understand how an attack works and what noise it generates, and to set up automation to start practicing analyzing and responding to these issues, with the aim

Integrating CrowdStrike API to Automate Security Investigation and Response with No Code

CrowdStrike’s Falcon platform provides protection for critical areas of enterprise risk, including endpoints and cloud workloads, identity, and data. Its Endpoint Detection and Response capabilities not only provide alerts on discovered threats but also provide a holistic view of threats and intelligence across all hosts. Therefore, it is very useful for the security

We are pleased to announce that DTonomy is now part of Stellar Cyber. The integrated solution will enhance cyber threat detection and response automation!
