We can't start a recap post without a huge THANK YOU to the community for joining us last week and making SOC X such a success!
SOC X 2021 - A Recap
Mar 8, 2021 2:08:00 PM / by Kelley Wilds posted in SOC X, Security, SOC, InfoSec, OpenSOC, Events, NDR, Defense
The Training Secrets of Great Security Operations Teams
Dec 22, 2020 5:21:00 PM / by Bob Drobish posted in SecOps, InfoSec, Training, NDR
At Recon InfoSec we have the honor of working with some of the best security operations, incident response, and threat hunting teams in the world: Fortune 100 companies, military cyber protection teams, global incident response firms, “3 letter agencies,” and “Big 4” professional services companies.
Recon Launches SOC X
Oct 20, 2020 10:35:00 AM / by Kelley Wilds posted in DFIR, Incident Response, Forensics, SecOps, Security, InfoSec, Training, Threat Hunting, NDR
The Recon team is excited to announce the launch of SOC X™, the Professional SOC Team World Championship! The inaugural event will be on March 4, 2021.
Recon Launches Network Defense Range (NDR) Live Online
Oct 6, 2020 10:40:00 AM / by Kelley Wilds posted in DFIR, Incident Response, Forensics, SecOps, Security, InfoSec, Training, Threat Hunting, NDR, BlackHat
The Recon team is thrilled to announce our newest offering, NDR Live Online!
Mapping Adversary Emulation Plans
Sep 18, 2020 11:17:00 AM / by Brian Greunke posted in Automation, Threat Hunting, NDR, Defense, MITRE ATT&CK
The Center for Threat-Informed Defense at MITRE recently released their Adversary Emulation Plans Library on Github.
Recon Provides Range Training for Military Cyber Protection Teams During COVID-19 Lockdown
Apr 29, 2020 12:22:00 PM / by Eric Capuano posted in DFIR, Training, NDR, Defense, Military, CPT, Intel
Recently, our team was asked to provide training for an operational military Cyber Protection Team (CPT). This unit, and many others, are working remotely due to the current global situation but still need a way to provide cutting-edge training to keep their operators sharp and mission-ready. This was a particularly important engagement to the team at Recon as we are a team composed heavily of veterans and current members of Reserve/National Guard components.
Network Defense Range (NDR) Returning to BlackHat 2020
Jan 26, 2020 2:26:00 PM / by Eric Capuano posted in Incident Response, InfoSec, Training, Threat Hunting, NDR, Defense, BlackHat
We're thrilled to be accepted back to BlackHat to run our live-fire Network Defense Range (NDR) course again this year! We received overwhelmingly positive feedback from last year's attendees and we have even bigger plans this year.
Join us for Network Defense Range Training at Black Hat 2019!
Feb 4, 2019 3:48:00 PM / by Eric Capuano posted in DFIR, Incident Response, Forensics, Training, NDR
We're very excited to announce that we'll be bringing our NDR training to Black Hat this year! Come join us for the Network Defense Range Crucible - Live Adversary Detection and Incident Response during Black Hat 2019 Trainings!
Geolocation via Pipelines in Graylog
Aug 21, 2018 4:10:00 PM / by Megan Roddie posted in InfoSec, NDR, Graylog
To the delight of most Graylog users, geolocation is automatically built into the platform via the "GeoIP Resolver" plugin. All that is needed is a MaxMind database and you are ready to roll. However, there is a better way of going about geolocation that might be worth implementing if you are a Graylog power user: lookup tables & pipelines.