11 min
Security Operations (SOC)
Talkin’ SMAC: Alert Labeling and Why It Matters
This blog post demonstrates some common pitfalls of alert labeling and offers a new framework for SOCs to use.
11 min
Research
The Masked SYNger: Investigating a Traffic Phenomenon
At the beginning of 2020, Rapid7 and other researchers began noticing increased scanning activity against a variety of TCP ports.
9 min
Security Operations (SOC)
Moving Toward a Better Signature Metric in SOCs: Detection Efficacy
In this blog, we break down the "Detection Efficacy" metric within the Security Operations Center (SOC).