Stay Ahead of Threats Part 1: A Comprehensible Introduction to Security Operations Center (SOC)

Cybercriminal activity is among the most significant challenges that humanity will face in the next two decades. In 2019, over 15.1 billion records were exposed. According to Cybercrime Ventures, the global cost of cybercrime will rise from US$3 trillion in 2015 to US$6 trillion by 2021. Cybercriminals steadily make efforts…

Who is a Threat Hunter and what role do they play?

With the growing technological world, cyberattacks are evolving to be more sophisticated than ever; furthermore, a lack of attention given to cyber threats—due to budget, technology, processes, and above all, the team of experts—has led to an increase in the number of successful malware…

How SIEM Automation Can Improve Threat Management

Let’s see why it is important to know about SIEM Automation. An ocean of data and security alerts are dispatched to organizations on a regular basis. According to the Achieving High-Fidelity Security research by EMA, 92% of organizations were receiving up to 500 events per day, and 88%…

Detect CMSTP.exe with INF Files Infected with Malicious Commands with Free Splunk Detection Rule

The Microsoft Connection Manager Profile Installer (CMSTP.exe) is a command-line program used to install Connection Manager service profiles. CMSTP.exe accepts an installation information file (INF) as a parameter and installs a service profile leveraged for remote access connections. ID: T1191 Tactic:…