Insights Blog

Learn why NIST's Cybersecurity Framework 2.0 emphasizes the need for a seperate "Govern" function and the impact of governance on security programs.

Discover the advantages of using Splunk UI and Dashboard Studio for building dashboards and visualizations in Splunk.

Discover the importance of open-source threat intelligence and how it can empower individuals and organizations to proactively enhance their security posture.

Discover the impact of SIEM market consolidation on MSSP/MDR customers and the future of security operations in 2024.

Shift focus from constant threats in cybersecurity to prioritizing protection. Embrace cyber resilience for a safer digital landscape with this blog post.

Learn about the elevated level partnership between Deepwatch and CrowdStrike, and the expanded capabilities it brings to the cybersecurity landscape.

From the SOC, Tim Grossner discusses securing or migrating away from VPNs after the recent rash of high profile attacks on multiple vendors.

Discover practical recommendations for optimizing vulnerability management tools and leverage APIs to enhance reporting capabilities.

Understand the parallels between the "Golden Hour" in medical emergencies and the response time in cybersecurity incidents, and the potential consequences of delayed incident response.

Learn how to safeguard the integrity of your supply chain with Deepwatch's cybersecurity expertise. Mitigate vulnerabilities and build a more cyber resilient future.

Gain insights into the zero-day vulnerability affecting Palo Alto Networks’ Global Project, including its impact, patch time, and cyber resilience recommendations.

Look beyond where buzzwords like automation and artificial intelligence (AI) and learn how Deepwatch empowers our trusty SOC analysts

Looking to deploy advanced EDR solutions? Leverage these 2024 best practices to ensure success in your Endpoint Detection & Response programs.

Don't fall for something that's not true. Discover why Deepwatch believes April Fools' Day is made to be a Cyber Resilience Holiday.

Deepwatch uncovers a new threat to victims searching for the 2023 Adobe Photoshop installer and getting a Monero cryptocurrency miner instead.

Discover how the Deepwatch and AWS solution effectively addresses today's cloud security challenges and boosts organization's cyber resilience.

Dive in with Deepwatch's Sr. Manager of Platform Operations and Engineering as he breaks down the engineering teams role in Splunk utilization.

Dive into the world of detection engineering and the use of the MITRE ATT&CK framework within the SOC with Deepwatch's Director of Threat Operations.

Deepwatch dives into the revolution in SOC data through the introduction of an Open Security Data Architecture to address key industry problems.

A TLDR on what security leaders need to know about the ConnectWise and ScreenConnect vulnerabilities, including recommendations beyond patching

Get insights on all things AWS detection engineering, including CloudTrail logs & alerting, best use of tools, detection use cases, & configurations

Get guidance from one of the largest SOCs in the business on key components to building a resilient security operations program

Adversaries are using popular domains to bypass Secure Email Gateway (SEG) protections. Learn how to leverage mature SIEM detections for solid defense

Zloader is back again. Get details of their latest variant (version 2.0.0.0), with insight on the inner workings of the threat, indicators, and tooling

Get the pertinent facts on Ivanti's two recent zero-day CVEs and know what actions you can take while patches are still being rolled out

Data leak sites listed over 2,400 victims in 2023. Read for a full analysis on groups, impact to industries and geography, and how to avoid falling victim

Get insights on the state of ransomware in 2023, its evolution and new threats, along with predictions for the landscape in 2024

The FBI has halted BlackCat/ALPHV on the dark web and provided a free, effective ransomware decryptor. Read for key lessons from this takedown

Deepwatch uncovers basics to being cyber threat ready in 2024 as attacks grow in complexity, volume, and inevitability. Learn how you can prepare

Deepwatch breaks down hyperautomation in cybersecurity - what it is, examples, and benefits. Learn how it's bringing harmony to dissonance

Understand the crucial elements of vulnerability management maturity and how they play into building cyber resilience

Microsoft Defender logs can be perplexing and convoluted. Hear from Deepwatch engineers as they break down this logging mechanism

Deepwatch's VP, Security & Content Strategy reveals key lessons from the recent MGM & Caesars cyber attacks that you can apply on your journey to cyber resilience

Uncover insights from recent security breaches, the business impact, and how a focus on cyber resilience could help your organization avoid the same

Get clear insights on what plus addressing is, how it enhances cyber awareness and resiliency, and how it can help reduce phishing attacks

As the attack landscape expands & grows in complexity, proactive defense is not enough. Learn why cyber resilience is imperative to organizations today

Get insights on Cisco's acquisition of Splunk, its impact on customers & the cybersecurity industry as a whole from CEO of Deepwatch, a key Splunk partner

The role of a security leader is not to prevent every attack. Discover how cyber resilience enables teams to respond competently when incidents occur

How to think, measure, & manage the evasive nature of cybersecurity risk in more modern & realistic ways. Read the full blog by Deepwatch CTO, Wes Mullins

As generative AI tools emerge, Deepwatch's Michael Mayes breaks down moral and ethical considerations, taking lessons from other emerging tech

SecOps outsourcing is more than just a reaction to a skills shortage. Unlock the key benefits it can have on your organizations long-term success and security

Explore the observations, metrics, trends and forecast the Deepwatch ATI team has uncovered in their 2023 Threat Report.

Understand the key challenges facing financial services SecOps teams in 2023 and what can be done to address them

Financial services organizations are faced with continuous cyber attacks and increased challenges. Discover the top 8 threats today

Understand the best path to achieving 24/7/365 security coverage for your organization

Understand the most damaging cyber attacks security teams should look for to reduce risk this holiday shopping season

Take and apply these vulnerability management best practices and future proof your organization from threats

Stay prepared & continue advancing your cybersecurity efforts with insight on the issues predicted to arise in 2023

Discover how healthcare organizations can bridge the cybersecurity skills gap amongst an ever changing landscape

New vulnerabilities are discovered every day. Know when it's time to improve your tech stack, hire, or leverage managed services

Stop living with extortion. Understand how to better protect your organization from ransomware with managed detection and response

Dive in as we breakdown Uber CISO, Joe Sullivan’s conviction, the pressures CISOs are under today and the mindset shift that needs to happen

In honor of Cybersecurity Awareness Month's theme of “See Yourself in Cyber”, CISO David Stoicescu shares tips and insights in this Q&A

Any company can be breached by an employee making a poor security choice. Get the background on Uber's security breach and lessons learned

Privacy and security extend beyond HIPAA. Understand how to effectively mature SecOps in healthcare to protect patient care

Building and maintaining a modern security operations center (SOC) is a dynamic and expensive endeavor. Know the hidden costs to take into account

Governments are updating their rules around cybersecurity incident reporting and industry leaders are crying foul. Read as we break this debate down

As economic concerns grow, security teams with limited resources look to Deepwatch Managed Security Solutions to optimize budgets, extend coverage, and reduce risk

Security Operations is no island and your team can’t secure everything by themselves. Cybersecurity is a team sport, and everyone needs to be involved. Your security operations team needs to collaborate with other groups and departments to understand priorities, goals, and objectives

Maturing security operations can be difficult, particularly if resources are limited, staff are hard-to-hire, and critical technology may not be properly deployed or may be lacking. These issues affect all companies, but they especially affect mid-sized businesses with small security teams. Introducing a SIEM solution, implementing remote workforce controls and employee training, and outsourcing to an external MDR provider are three strategies for maturing SecOps

Read about healthcare cybersecurity risks: budget constraints, targeted healthcare ransomware, staffing and skills gaps, and more

Learn about how companies are addressing top security challenges in 2022. Find out how Deepwatch can fortify your security posture

Deepwatch is a company that recognizes the value women bring to cyber security, and provides resources to elevate women within the workplace. As a young woman new to a role in cybersecurity, I am excited to see the steps Deepwatch continues to take to provide for its female employees

Ransomware attacks are now a top concern for CISOs and board rooms alike. Understand how to reduce risks with managed MDR

Vulnerability Management is a core domain within the Security program. Read why a strong vulnerability management program is required to help you advance your defense-in-depth strategy to ensure threat actors are detected and removed fast

A right-sized solution, particularly to cover the functions of managed detection and response (MDR), can help address the needs of mid-sized businesses with a solution that fits the budget and time constraints of these companies

Managing security risk today requires a proactive, defense-in-depth approach; threat hunting by expert threat hunters gives organizations 3 distinct advantages to better detect and respond to threats

Bridging the Cybersecurity Skills Gap: See how managed detection and response (MDR offers a fast and reliable solution to overcome risk

Organizations need managed detection and response (MDR) as a fast and reliable solution to overcome business risk associated with the cybersecurity skills gap

Cybercriminals and threats are constantly evolving. These are the 4 ways businesses can manage increasing risks with defense-in-depth strategies to measurably improve security operations outcomes

Deepwatch is actively working on risk mitigation for CVE-2021-44228, the actively exploited vulnerability in Apache Log4j, dubbed “Log4Shell.” Read the latest on what’s happening and what you can do to patch, protect, and defend your security environment from Log4j exploits

Cybersecurity reporting can be challenging when reporting to Executive Leadership and the Board. Learn how to use these Security Operation detection and response metrics and the language of risk management to convey results and explain budget requests

Deepwatch has released Forrester conducted analysis on the Total Economic Impact of their Managed Detection and Response services, including financial analysis on Return on Investment and the positive impact of Deepwatch MDR on cybersecurity investments. Read the three highlights and download the report today

Several reasons are driving the demand for MDR services into the future, and adding momentum to the market forces behind the MDR movement

Watch deepwatch experts 'walk the talk' and see how our security-first culture fuels improvements as innovation and cybersecurity connect

Learn how to defend against the risk of Sensitive Data Exposure, which is #3 on the OWASP List of Top 10 Risks to Web Applications

Read more about how to defend against the risk of broken authentication, which is #2 on the OWASP List of Top 10 Risks to Web Applications

Explore four ways to faster results when you launch or upgrade your SIEM (Security Information and Event Management) system

A logging strategy can help you identify the right data sources you need to best monitor your environment and see threats faster. Learn how to create a logging strategy to advance your threat detection and incident response in security operations

The term “kill chain” comes from a military concept that uses stages to outline the structure of an attack. “Breaking” the opponent's kill chain refers to the ability to block an attack at any stage

In light of the Kaseya VSA ransomware attack, a secure supply chain is more important than ever. Find out how to gauge levels of trust in your supply chain with these six security questions

What is Threat Hunting? Learn the four steps to conduct a successful threat hunt in Splunk

Explore the top 10 take-aways from the Colonial Pipeline ransomware attack that we must all take to heart

Evaluate your SIEM’s performance and your Managed Security Services’ capabilities to manage your SIEM with these 6 questions

Continuing to learn and grow in one’s career - especially in cybersecurity - is more than just a professional advantage

Understand details of the May 7, 2021 Colonial Pipeline darkside ransomware attack, potential mitigations, and how you can prepare for future events

Read about three common cybersecurity threats (phishing, endpoints, and ransomware) and how companies can best defend against them

Learn more about the current landscape of healthcare cybersecurity and the impact of recent ransomware attacks

In this first post covering the Top 10 Risks for Web Application Security, we will dig into the top culprit in the list -- Injection

Splunk certificate management tips to update Splunk's out-of-the-box, root Certificate Authority (CA) for a more secure Splunk environment

Explore SOAR cybersecurity best practices. Get to know the significance and impact behind Security Orchestration Automation and Response

We break down the anatomy of a ransomware attack including the stages of an attack and how to better detect and mitigate ransomware

Interested in learning the roles and responsibilities of a CISO? Discover more details behind the everyday tasks of a CISO

Discover what SecOps is and how your business can maximize its effectiveness. Learn more and get started protecting your business with Deepwatch

Learn more about top network security issues facing the cybersecurity industry today and how you can prevent them

The Big Red Pill: Let the Deepwatch team show you how to use the Palo Alto Networks Best Practices Tool to optimize your firewall security

Learn more about how Deepwatch helps migrate customers from on-prem to Splunk Cloud in a painless and efficient way

Find network security best practices to implement now in order to start protecting your business information

Understanding your cybersecurity maturity. Learn more about maturity assessment by reading this interview today

Learn how to defend against and identify phishing emails to protect your device, your network and your company

Interested in implementing a stronger cybersecurity foundation in your business? Get started with these basic tips for cybersecurity today

Learn how to connect the language of business and how to talk about cybersecurity risk management from the experts at Deepwatch

Learn more about the Splunk Cloud and deepwatch partnership and the industry-leading MDR capabilities it brings for customers

Do you know what the difference between MDR and MSSP services are? Read more as Deepwatch uncovers the specifics behind MDRs vs. MSSPs

Wow, is it over yet? Did we make it? Let's talk about what 2020 meant from an information security perspective

What is MDR? Learn about the basics of MDR, how its different from MSSP, and how to get started with the cyber experts at Deepwatch

Discover how to protect your phone from hackers. From what signs to look out for to what to do if your phone gets hacked

Read more about cyber threat intelligence and how it can help benefit your business. Discover more with the cybersecurity experts at Deepwatch today

What is CIA in cybersecurity? Learn more about CIA in cybersecurity, and how you can use CIA to benefit your business

Interested in learning cybersecurity terms? Read more about cybersecurity terminology and keep yourself up-to-date on the latest in cybersecurity

What is patch management? Learn about it, why it's important and how often it should be performed on your business

Learn Why to Choose Veterans to Continue Their Service On Your Cyber Front Lines! Read to Collect Veteran Resources

There is a strong connection between Deepwatch and The Undercroft. Many wonder “What can I do?" to fill the cybersecurity skills gap

The Twitter hack shakes trust in the platform. Read about the InfoSec impact and critical steps businesses can take to prepare for similar issues

Deepwatch gives back! Deepwatch donates to Feed the Frontlines Denver to provide support to the hard working frontline workers in the Denver community

Listen to the deepwatch Dive Podcast - Episode 1. Learn how Security Analyst Matt Fay got his start in cybersecurity and how he secures customer networks

Why aren't you outsourcing your cybersecurity operations? Discover the benefits and misconceptions about outsourcing your cybersecurity team

Deepwatch serves customers from a nationwide home office-based team. We support our employees and the local communities wherever they reside

Learn the basics of setting up a secure and successful remote workforce with this Remote Working Technology Checklist

Are you having trouble figuring out how to set up and manage your remote workforce? Learn from Deepwatch's experience as a 100% remote organization

Working from home? Discover how to choose the best WiFi router and how to properly secure it so you can work effectively and securely

Discover work from home best practices for security practitioners with Bill Bernard from Deepwatch. Learn how to find success while working from home today

Looking for the advantages of working remotely? Learn more about the Deepwatch operating model and how it benefits security operations, talent acquisition and more.