Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Devo

Devo Security Operations - Command and Control Use Case

Table of Contents:

00:00 - Introduction
00:08 - C&C concept
00:31 - C&C types
01:02 - C&C in SecOps
01:41 - C&C in SecOps: alerts
02:23 - C&C in SecOps: Triage
02:45 - C&C in SecOps: new investigation
03:14 - C&C in SecOps: associations
04:09 - C&C in SecOps: related alerts
04:49 - C&C in SecOps: Hunting
05:18 - C&C in SecOps: identify outbound traffic

The Final Critical Step to Building the Modern SOC

The new Devo eBook, Building the Modern SOC, presents four evolutionary steps for creating a highly automated and efficient security operations center (SOC) that empowers analysts. This is the last in a series of posts highlighting the most important elements of the four steps. Previous posts covered Step 1, establishing a foundation of centralized, scalable visibility, Step 2, extracting intelligent insights from your data, and Step 3, supercharging your analysts with the power of automation.

Top Three Devo Cybersecurity Predictions for 2021

For any organization that felt prepared, with their operations well-planned as they headed into 2020, that feeling disappeared quickly. 2020 became the year of the unexpected, forcing organizations to adapt, repeatedly. Looking ahead to 2021, companies of all types and sizes are working to be as prepared, agile, and adaptable as possible. This is certainly true when it comes to building or restructuring an organization’s cybersecurity posture.

Detection and Investigation Using Devo: SUNBURST IOC & Detection Queries

On December 8, 2020, cybersecurity company FireEye announced in a blog post that it had been attacked by what CEO Kevin Mandia described as a “highly sophisticated threat actor” that “targeted and accessed certain Red Team assessment tools that we use to test our customers’ security. These tools mimic the behavior of many cyber threat actors and enable FireEye to provide essential diagnostic security services to our customers.”

What the Convergence of Security and Operations Means for Your Organization

These are incredibly exciting times at Devo, as we continue to help customers solve their ever-growing security and analytics challenges. Our market momentum is continuing, as Devo was recently recognized with a CISO Choice award as the best SIEM solution, earned a place on the 2020 Deloitte Technology Fast 500, and was named a Leader in The Forrester Wave™: Artificial Intelligence For IT Operations, Q4 2020.

The Third Critical Step to Building the Modern SOC

The new Devo eBook, Building the Modern SOC, presents four evolutionary steps for creating a highly automated and efficient security operations center (SOC) that empowers analysts. This is the third in a series of posts highlighting the most important elements of the four steps. Previous posts covered Step 1, establishing a foundation of centralized, scalable visibility, and Step 2, extracting intelligent insights from your data.

The Second Critical Step to Building the Modern SOC

The new Devo eBook, Building the Modern SOC, presents four evolutionary steps for creating a highly automated and efficient security operations center (SOC) that empowers analysts. This is the second in a series of posts about the four steps that highlight some of the most important concepts. The first post covered Step 1, which is about establishing a foundation of centralized, scalable visibility. This post excerpts Step 2, extracting intelligent insights from your data.

The First Critical Step to Building the Modern SOC

The new Devo eBook, Building the Modern SOC, presents four evolutionary steps for creating a highly automated and efficient security operations center (SOC) that empowers analysts. This is the first in a series of blog posts that will introduce the four steps and highlight some of the most important concepts.

The First Critical Step to Building the Modern SOC

The new Devo eBook, Building the Modern SOC, presents four evolutionary steps for creating a highly automated and efficient security operations center (SOC) that empowers analysts. This is the first in a series of blog posts that will introduce the four steps and highlight some of the most important concepts.