Oh boy, not another AI post! Like it or not, we should sit down and talk about this new technology that has long since crested our horizon so we can grasp how to prepare our SOCs better.

XDR may seem like an EDR with just a new splash of paint, but stretching it’s legs, XDR can truly displace traditional SIEM implementations and improve our SOC’s ability to detect and respond beyond the endpoint.

SANS and NIST have the most used Incident Response Frameworks, but there’s one we believe that suits the industry as a whole better, despite what some metrics say.

Our thoughts on the approach to Phishing and Malspam for organizations, with some tips on using SOAR to help solve the problem.