Break Down SOC Silos

Anvilogic is purpose-built to break down SOC silos and move security from being a blocker to helping accelerate and align with business priorities. By automating the detection lifecycle, you can gain visibility into complex interactions across different systems and correlate seemingly unrelated events. […]

1 Common Reason Your SOC Might Have Alert Fatigue

Better correlate and automate container runtime policies to reduce noise, leveraging Anvilogic’s Detection Automation. Correlate Container Runtime Policies To Reduce Noise: Anvilogic makes it easy to quickly determine what policies and alerts are actionable. Even if you’re collecting runtime policies from security tools, such […]

The simplicity of advanced correlation using Anvilogic’s Scenario Creation

For far too long, Security Operations Centers have struggled to find that perfect balance of efficacy in alerting while trying to maintain an acceptable threshold of alerts firing into their SIEM. Today, we’re going to be looking into a research article for a FIN6 […]

Webinar: How to ensure your SOC is living up to its true potential

  

Fast-breaking attacks wearing you down?

Sunburst, RansomExx, Hafnium, and whatever is next? Agility in your detection engineering process will be your savior. SOC practitioners know that the threat landscape is as complex and fast-breaking as it has ever been, and attackers are better funded than ever, and therefore […]

Detecting Dependency Confusion: Supply-Chain Compromise Vector

The recent exposure of SolarWinds showed us how a determined adversary could leverage a trusted source in order to gain access to an organization. While there is still much to learn from SolarWinds, we should not ignore how other areas of trust could be […]

3 Key Capabilities of a SOC Detection Program

In today’s SOC, analysts spend most of their time struggling to keep up with Incident Response. It’s a sad and unfortunate truth. The typical Security Operations Center (SOC) aggregates alerts from the variety of security solutions deployed in their enterprise, including alerts for both […]

Life after SunBURST

The SolarWinds Supply-Chain Compromise has affected us all, whether we’re SolarWinds customers or not. Why? It’s simple. Technology is the foundation of every organization’s services; we all rely on it fully to deliver and protect those services. Today, the Security industry as a whole is on […]

SolarWinds Supply Chain Compromise – Is it possible to detect?

The cybersecurity world has been spinning with reports suggesting that APT29, Russia’s elite hacking intelligence arm, has been able to successfully infiltrate the software development lifecycle (SDLC) of SolarWinds, an IT management company, to distribute a malicious backdoor to over 18,000 of their […]

No-code in the SOC!

The traditional SOC is essentially controlled, in most cases, by a SIEM, e.g., Splunk. The language and inner workings of the SIEM are of paramount importance to the SOC team, and often, hiring decisions are made based on proficiency with the existing SIEM and […]