Security Team

What Makes a Great Security Team? 4 Standout Qualities

Ben Johnson

This guest post was contributed by Ben Johnson, co-founder and CTO of Obsidian Security, a stealth startup based in Southern California. Prior to Obsidian, Ben co-founded and was CTO of Carbon Black. In infosec, we are often quick to call out the people, processes, and technology that we believe are selling snake-oil, are needlessly inefficient, or don’t perform as expected. … Read More

Gaining Visibility

The Scariest Threats? The Ones We Cannot See

Casey Smith

It’s Halloween—my favorite time of year. If you think about most scary movies, what is it that scares us most? I propose that the scary things, the really scary things, are the ones we can’t see. From the popular (and awesome) show Stranger Things to classics like Paranormal Activity, Predator, and Aliens, the evils we cannot see are often the most terrifying. … Read More

Atomic Red Team Testing

Red Canary Introduces Atomic Red Team, a New Testing Framework for Defenders

Casey Smith

How do you know your security solutions are tuned and ready to face actual adversaries? Are you testing new or existing products to provide assurances for detections? If you’re like many teams, you may lack the internal resources or expertise to simulate a specific adversary tactic or technique. That is why we recently created Atomic Red Team, a testing framework … Read More

Ripped from the Headlines

The Real Lessons From the Latest Security “Scandal”

Chris Rothe

In the aftermath of the excitement of the hit piece on Carbon Black published by DirectDefense and circulated by Gizmodo and others, there are a few lessons that I hope we as a security community (practitioner and vendor) can learn. 1: Understand where your data is going. The first, and most obvious, is the importance of understanding exactly what data … Read More

Threat Intelligence

Common Security Mistake #3: Aimless Use of Threat Intelligence

Phil Hagen

“Threat Intelligence” is the latest security concept to undergo aggressive cyber-buzzwordification (this is a real word). This is common in the information security industry, and follows a very predictable cycle: Discovery A real and valuable concept starts to take hold, and high-functioning security teams leverage the concept with great success. Socialization In a genuine interest to improve the security game, … Read More