Insights Blog

Splunk detects threats, but 24/7 coverage is the key. Gaps cause alert fatique, chaos and exposure. Explore options to improve threat detection and response.

Alert fatique, dirty logs, useless reports dragging you down? Learn how to fix it in Splunk and get real value from your SIEM.

Stretched security team? Missed threats? Need 24/7 coverage? Leverage your Splunk with MDR for control, outcomes, and peace of mind.

AI Phishing scams are on the rise this April Fools' Day. Beware of sophisticated email & texts mimicking trusted sources. Stay vigilant & protect your data.

Discover how Deepwatch's acquisition of Dassana revolutionizes security operations by integrating AI-powered risk management and threat intelligence, enabling proactive threat prevention and enhanced visibility for CISOs.

Discover how to transform your organization's cyber architecture from conceptual to practical with preemptive strategies that enhance security and resilience. Read more in Volume 2 of A Cyber Architect’s Playbook.

Discover the evolving role of the CISO as a Cyber Architect, bridging cybersecurity with business resilience and strategy for a stronger organization.

Discover key insights from Black Hat 2024 on AI/ML developments and rising data security concerns. Learn how to shape proactive security strategies for the future in this continuation of our reflections.

Explore the lessons learned from CrowdStrike and Microsoft at Black Hat 2024, emphasizing the need for a holistic cybersecurity strategy to enhance organizational resilience.

Explore Deepwatch's innovative approach to Managed Detection and Response, offering eight new add-on modules that integrate cutting-edge technologies to improve data visibility, control, and precision response across your attack surface.

Learn about Deepwatch's journey to achieving ISO 27001 certification and the importance of maintaining the highest information security standards.

Discover strategies and insights from the Deepwatch BOTS Team as they share their experience in the .conf 2024 Boss of the SOC competition.

Learn why NIST's Cybersecurity Framework 2.0 emphasizes the need for a seperate "Govern" function and the impact of governance on security programs.

Discover the advantages of using Splunk UI and Dashboard Studio for building dashboards and visualizations in Splunk.

Discover the importance of open-source threat intelligence and how it can empower individuals and organizations to proactively enhance their security posture.

Discover the impact of SIEM market consolidation on MSSP/MDR customers and the future of security operations in 2024.

Shift focus from constant threats in cybersecurity to prioritizing protection. Embrace cyber resilience for a safer digital landscape with this blog post.

Learn about the elevated level partnership between Deepwatch and CrowdStrike, and the expanded capabilities it brings to the cybersecurity landscape.

From the SOC, Tim Grossner discusses securing or migrating away from VPNs after the recent rash of high profile attacks on multiple vendors.

Discover practical recommendations for optimizing vulnerability management tools and leverage APIs to enhance reporting capabilities.

Understand the parallels between the "Golden Hour" in medical emergencies and the response time in cybersecurity incidents, and the potential consequences of delayed incident response.

Learn how to safeguard the integrity of your supply chain with Deepwatch's cybersecurity expertise. Mitigate vulnerabilities and build a more cyber resilient future.

Gain insights into the zero-day vulnerability affecting Palo Alto Networks’ Global Project, including its impact, patch time, and cyber resilience recommendations.

Look beyond where buzzwords like automation and artificial intelligence (AI) and learn how Deepwatch empowers our trusty SOC analysts

Looking to deploy advanced EDR solutions? Leverage these 2024 best practices to ensure success in your Endpoint Detection & Response programs.

Don't fall for something that's not true. Discover why Deepwatch believes April Fools' Day is made to be a Cyber Resilience Holiday.

Deepwatch uncovers a new threat to victims searching for the 2023 Adobe Photoshop installer and getting a Monero cryptocurrency miner instead.

Discover how the Deepwatch and AWS solution effectively addresses today's cloud security challenges and boosts organization's cyber resilience.

Dive in with Deepwatch's Sr. Manager of Platform Operations and Engineering as he breaks down the engineering teams role in Splunk utilization.

Dive into the world of detection engineering and the use of the MITRE ATT&CK framework within the SOC with Deepwatch's Director of Threat Operations.

Deepwatch dives into the revolution in SOC data through the introduction of an Open Security Data Architecture to address key industry problems.

A TLDR on what security leaders need to know about the ConnectWise and ScreenConnect vulnerabilities, including recommendations beyond patching

Get insights on all things AWS detection engineering, including CloudTrail logs & alerting, best use of tools, detection use cases, & configurations

Get guidance from one of the largest SOCs in the business on key components to building a resilient security operations program

Adversaries are using popular domains to bypass Secure Email Gateway (SEG) protections. Learn how to leverage mature SIEM detections for solid defense

Zloader is back again. Get details of their latest variant (version 2.0.0.0), with insight on the inner workings of the threat, indicators, and tooling

Get the pertinent facts on Ivanti's two recent zero-day CVEs and know what actions you can take while patches are still being rolled out

Data leak sites listed over 2,400 victims in 2023. Read for a full analysis on groups, impact to industries and geography, and how to avoid falling victim

Get insights on the state of ransomware in 2023, its evolution and new threats, along with predictions for the landscape in 2024

The FBI has halted BlackCat/ALPHV on the dark web and provided a free, effective ransomware decryptor. Read for key lessons from this takedown

Deepwatch breaks down hyperautomation in cybersecurity - what it is, examples, and benefits. Learn how it's bringing harmony to dissonance

Understand the crucial elements of vulnerability management maturity and how they play into building cyber resilience

Microsoft Defender logs can be perplexing and convoluted. Hear from Deepwatch engineers as they break down this logging mechanism

Deepwatch's VP, Security & Content Strategy reveals key lessons from the recent MGM & Caesars cyber attacks that you can apply on your journey to cyber resilience

Uncover insights from recent security breaches, the business impact, and how a focus on cyber resilience could help your organization avoid the same

Get clear insights on what plus addressing is, how it enhances cyber awareness and resiliency, and how it can help reduce phishing attacks

As the attack landscape expands & grows in complexity, proactive defense is not enough. Learn why cyber resilience is imperative to organizations today

Get insights on Cisco's acquisition of Splunk, its impact on customers & the cybersecurity industry as a whole from CEO of Deepwatch, a key Splunk partner

The role of a security leader is not to prevent every attack. Discover how cyber resilience enables teams to respond competently when incidents occur

As generative AI tools emerge, Deepwatch's Michael Mayes breaks down moral and ethical considerations, taking lessons from other emerging tech

SecOps outsourcing is more than just a reaction to a skills shortage. Unlock the key benefits it can have on your organizations long-term success and security

Explore the observations, metrics, trends and forecast the Deepwatch ATI team has uncovered in their 2023 Threat Report.

Financial services organizations are faced with continuous cyber attacks and increased challenges. Discover the top 8 threats today

Understand the most damaging cyber attacks security teams should look for to reduce risk this holiday shopping season

Take and apply these vulnerability management best practices and future proof your organization from threats

Stay prepared & continue advancing your cybersecurity efforts with insight on the issues predicted to arise in 2023

Discover how healthcare organizations can bridge the cybersecurity skills gap amongst an ever changing landscape

New vulnerabilities are discovered every day. Know when it's time to improve your tech stack, hire, or leverage managed services

Stop living with extortion. Understand how to better protect your organization from ransomware with managed detection and response

Dive in as we breakdown Uber CISO, Joe Sullivan’s conviction, the pressures CISOs are under today and the mindset shift that needs to happen

Any company can be breached by an employee making a poor security choice. Get the background on Uber's security breach and lessons learned

Privacy and security extend beyond HIPAA. Understand how to effectively mature SecOps in healthcare to protect patient care

Building and maintaining a modern security operations center (SOC) is a dynamic and expensive endeavor. Know the hidden costs to take into account

As economic concerns grow, security teams with limited resources look to Deepwatch Managed Security Solutions to optimize budgets, extend coverage, and reduce risk

Security Operations is no island and your team can’t secure everything by themselves. Cybersecurity is a team sport, and everyone needs to be involved. Your security operations team needs to collaborate with other groups and departments to understand priorities, goals, and objectives

Read about healthcare cybersecurity risks: budget constraints, targeted healthcare ransomware, staffing and skills gaps, and more

Ransomware attacks are now a top concern for CISOs and board rooms alike. Understand how to reduce risks with managed MDR

Vulnerability Management is a core domain within the Security program. Read why a strong vulnerability management program is required to help you advance your defense-in-depth strategy to ensure threat actors are detected and removed fast

Managing security risk today requires a proactive, defense-in-depth approach; threat hunting by expert threat hunters gives organizations 3 distinct advantages to better detect and respond to threats

Organizations need managed detection and response (MDR) as a fast and reliable solution to overcome business risk associated with the cybersecurity skills gap

Deepwatch is actively working on risk mitigation for CVE-2021-44228, the actively exploited vulnerability in Apache Log4j, dubbed “Log4Shell.” Read the latest on what’s happening and what you can do to patch, protect, and defend your security environment from Log4j exploits

Cybersecurity reporting can be challenging when reporting to Executive Leadership and the Board. Learn how to use these Security Operation detection and response metrics and the language of risk management to convey results and explain budget requests

Deepwatch has released Forrester conducted analysis on the Total Economic Impact of their Managed Detection and Response services, including financial analysis on Return on Investment and the positive impact of Deepwatch MDR on cybersecurity investments. Read the three highlights and download the report today

Watch deepwatch experts 'walk the talk' and see how our security-first culture fuels improvements as innovation and cybersecurity connect

Learn how to defend against the risk of Sensitive Data Exposure, which is #3 on the OWASP List of Top 10 Risks to Web Applications

Read more about how to defend against the risk of broken authentication, which is #2 on the OWASP List of Top 10 Risks to Web Applications

Explore four ways to faster results when you launch or upgrade your SIEM (Security Information and Event Management) system

A logging strategy can help you identify the right data sources you need to best monitor your environment and see threats faster. Learn how to create a logging strategy to advance your threat detection and incident response in security operations

The term “kill chain” comes from a military concept that uses stages to outline the structure of an attack. “Breaking” the opponent's kill chain refers to the ability to block an attack at any stage

What is Threat Hunting? Learn the four steps to conduct a successful threat hunt in Splunk

Explore the top 10 take-aways from the Colonial Pipeline ransomware attack that we must all take to heart

We break down the anatomy of a ransomware attack including the stages of an attack and how to better detect and mitigate ransomware

Interested in learning the roles and responsibilities of a CISO? Discover more details behind the everyday tasks of a CISO

Discover what SecOps is and how your business can maximize its effectiveness. Learn more and get started protecting your business with Deepwatch

Learn more about top network security issues facing the cybersecurity industry today and how you can prevent them

Find network security best practices to implement now in order to start protecting your business information

Learn how to defend against and identify phishing emails to protect your device, your network and your company

Interested in implementing a stronger cybersecurity foundation in your business? Get started with these basic tips for cybersecurity today

Learn more about the Splunk Cloud and deepwatch partnership and the industry-leading MDR capabilities it brings for customers

Do you know what the difference between MDR and MSSP services are? Read more as Deepwatch uncovers the specifics behind MDRs vs. MSSPs

Wow, is it over yet? Did we make it? Let's talk about what 2020 meant from an information security perspective

What is MDR? Learn about the basics of MDR, how its different from MSSP, and how to get started with the cyber experts at Deepwatch

Read more about cyber threat intelligence and how it can help benefit your business. Discover more with the cybersecurity experts at Deepwatch today

What is CIA in cybersecurity? Learn more about CIA in cybersecurity, and how you can use CIA to benefit your business

Interested in learning cybersecurity terms? Read more about cybersecurity terminology and keep yourself up-to-date on the latest in cybersecurity

What is patch management? Learn about it, why it's important and how often it should be performed on your business

Why aren't you outsourcing your cybersecurity operations? Discover the benefits and misconceptions about outsourcing your cybersecurity team

Discover work from home best practices for security practitioners with Bill Bernard from Deepwatch. Learn how to find success while working from home today