Resource Library

2020 has been a year filled with uncertainty. Many industries were either unprepared or not designed to move to a fully remote work environment with haste. Those on the cyber defense frontlines were faced with new challenges in multiple areas as an increase in cyberattacks coincided with the sudden shift to remote work. The progress made over...
Few topics in the field of Cyber Threat Intelligence (CTI) prompt as much passion and debate as the concept of threat attribution. From numerous conference talks, to blogs and papers, to various applications in CTI analysis, the question of threat attribution repeatedly emerges. While CTI attribution discussions can take many forms and aim at...
As more organizations invest in improving their security operations—either by building their own security operations centers (SOCs) or by engaging managed security services—the demand for security-related roles is higher than ever, reaching 3.5 million unfulfilled positions in 2021, according to a Cybersecurity Jobs Report. But from all of th...
The SolarWinds hack has presented a cybersecurity reckoning at a scale never before seen for the US government and private enterprises. While the width and depth of the state-sponsored attacks are yet to be determined, one thing is certain: the fallout from the SolarWinds hack is going to get worse before it gets better. To help determine the...
The Evolution of Threat Hunting: Threat hunting continues to evolve for organizations that focus on proactively detecting and isolating Advanced Persistent Threats (APTs) that might otherwise go undetected by traditional, reactive security technologies. While many SOCs are struggling to cope with the current security threat workload, more orga...
There is an increasing chasm between the number of qualified cybersecurity professionals and the number of people needed to fill those roles. DomainTools is a vendor that seeks to address these challenges by offering a context rich threat intelligence solution. DomainTools offerings involve using indicators, including domains and IP addresses...
Automation and integration initiatives, projects and solutions balance machine-based analysis with domain-based knowledge to help security teams better support their organizations by achieving a level of optimized workflows and improving how security point solutions are used. Because this is the second year for the automation and integration ...
There are many places to find backward-looking statistics of how many attacks were launched in cyberspace. Forward-looking guidance areas that security managers should focus on are harder to find. In times of economic uncertainty, it is even more critical for security teams to prioritize resources to increase effectiveness and efficiency in d...
Research conducted by ESG found that 58% of organizations have a threat intelligence program, however with a reliance on manual processes and incompatible tools, organizations struggle to realize the value of threat intelligence. To meet these challenges, some security teams are aiming to effectively operationalize threat intelligence through...
Security Information and Event Management (SIEM) is an approach to security management that combines security information management (SIM) and security event management (SEM) functions into one security management system. The foundational principle of SIEM is the aggregation of data that is relevant to an organization from multiple sources. C...
Cyberattacks are a top priority in most IT organizations; the risk associated with ransomware attacks, data breaches, business email compromise, and supply chain attacks has required that significant attention be paid to the IT resources and budget needed to address these threats. The challenge in building a comprehensive security strategy designed to p...
Cyber Threat Intelligence (CTI) is analyzed information about the capabilities, opportunities, and intent of adversaries conducting cyber operations. Adversaries tend to operate in and across digital networks and equipment that shape and impact businesses, critical infrastructure, and our daily lives. Understanding how threats are targeting i...
There is no shortage of media coverage of breaches and outages, and there are many places to find backward-looking statistics of how many attacks were launched in cyberspace. What is harder to find is expert analysis of what areas security managers should prioritize to increase effectiveness and efficiency in dealing with known threats while...
Evaluating MSSPs? Expel has accumulated a list of questions to ask during the evaluation process. Here are the 12 best questions you should consider asking any potential provider to help you determine which provider is the right fit for your organization. ...
Are you in the process of selecting endpoint, network, or SIEM security products? Expel has the expertise you can rely on during the evaluation process. Expel’s CISO, Bruce Potter, provides insights on budget planning when determining your security spend. ...
Ransomware attacks are on the rise but it doesn’t mean it’s time to panic. Expel’s SOC team shares tips on what you can do to keep your organization safe and stay resilient against these types of attacks. ...
Are you tasked with starting or improving the security processes within your organization? Expel’s CISO, Bruce Potter, provides tips on how to do more with less, or improve a less-than-stellar legacy program. ...
Expel receives the highest possible score in 14 criteria in Managed Detection and Response services. What will you learn from this guide? Forrester analysts follow a publicly available methodology and have provided their findings in this report to guide buyers considering Managed Detection and Response providers. Download the report to learn: How ...
Endpoints connect your organization’s two most important assets: people and data. It makes sense to perform as much assessment and remediation as possible where these two resources meet. Successful businesses must manage legal, operational and security risks across all endpoints. The “Intelligent Edge” is the process managin...
The rush to operationalize remote work did not afford the time to conduct the usual level of due diligence associated with a range of issues such as scaling VPN infrastructure, tightening access/authentication policies and process and vetting personal devices not configured to corporate standards. However, while some uncertainties have carri...
2020 was a tumultuous year for IT security and operations (IT SecOps). They were faced with seemingly unsurmountable challenges. But the most forward-looking organizations are rising to the business risk and security readiness challenges imposed by the COVID-19 pandemic. Download this analyst report, featuring Michael Suby, Research Vice Pres...
In cybersecurity, it’s no longer a matter of if you’ll get attacked, but when. That is why partnering with a Managed Detection and Response (MDR) service provider is one of the fastest growing trends in enterprise security. But what do you look for in a partner and how do you know if you’re getting the most effective securit...
Findings from an April 2021 Research Study: Last year’s abrupt, massive shift to remote work and the ensuing onslaught of cyberattacks triggered a moment of truth for cybersecurity professionals worldwide. Companies were forced to move computing assets to the cloud, sometimes without having time to fully vet the services for not only their c...
Ponemon Institute conducted the third annual study “Staffing the IT Security Function in the Age of Automation: A Study of Organizations in the United States and United Kingdom” to better understand how organizations are addressing the problem of attracting and retaining IT security practitioners and how the adoption of automation...
Is it possible to overcome the daunting challenge of knowing everything that’s going on inside and outside the network? Tarik Saleh, Senior Security Engineer at DomainTools, believes the answer is yes—if security teams take new approaches to how they think about, vet and validate intelligence, indicators and adversary behaviors. This paper...
Many IT and security teams struggle to gain the right level of visibility into all assets, making it harder to secure them. Asset data exists in many different places – but the data is siloed, duplicative, or contradictory. This makes it very difficult for IT and security teams to answer even the most basic questions about their IT environmen...
Infrastructure and ops teams can use unified endpoint management (UEM) to better manage employee devices and applications, resulting in improved employee experience (EX), customer trust, and business agility. But to access these benefits, you’ll first have to select from a diverse set of vendors that vary by size, functionality, geograp...
Digital transformation is a way of life in today’s business world. It touches all corners of the enterprise in ways that were once unimaginable. CIO and IT executives at companies of all sizes and in all industries are quickly coming to realize that most legacy tools and processes are, at best, inefficient and are not aligned with curre...
Blocking against all phishing attempts is costly, time intensive and arguably impossible. This paper will discuss how to get ahead of Phishing scams and the spear phisher’s infrastructure and techniques. Rather than waiting for spear phishing emails to hit the network, security teams can get ahead of the spear phishers and proactively b...
The Hype Cycle for Endpoint Security tracks the innovations that aid security leaders in protecting their enterprise endpoints from attacks and breaches. The technologies and practices in this space are being shaped by two trends: the continued growth in increased complexity of endpoint attacks, and the sudden surge in remote working. ...
Last year’s overnight shift to remote work drove rapid changes in security and IT priorities – resulting in more challenges than ever before. Now, as teams prep for a post-pandemic “new normal”, IT and security teams are facing fresh obstacles. Axonius partnered with Enterprise Strategy Group (ESG) for a global survey of IT...
The hybrid workforce has broadened the attack surface and cybercrime is becoming more sophisticated. Evidence of this is easy to find with a quick look at the latest news articles recounting the stories of government and private company networks falling prey to ransomware. And the threats are only becoming bolder. It’s critical for orga...
Organizations around the world have been struggling to manage and secure supply chains end to end for years. As cybersecurity breaches grow in frequency and sophistication, relying on blind trust and spreadsheets manually assembled from a disjointed array of reports and cyber data is no longer a safe option. This back-to-basics guide will he...
It can no longer be a topic of debate. If you have enterprise assets connected to the Internet, you will get breached. It is only just a matter of when. Every organization, especially in today’s work-from-home economy, must have a documented incident response plan and sets of playbooks that form the incident response procedure. This pap...
Asset management is foundational to security. Whether device discovery, incident response, vulnerability management, GRC and audits, or anything in between — you can’t do any of it without a complete understanding of everything in your environment. But traditional asset inventory approaches? They’re manual, error-prone, and time consum...
The Evolution of Threat Hunting: For six years, SANS has conducted a Threat Hunting Survey to examine how cybersecurity professionals hunt inside their organizations to more rapidly detect and identify threats. This year’s survey seeks to better understand the current landscape of threat hunting for organizations and the benefits that th...