Many of the challenges that slow investigations and increase escalations in SOCs are not caused by missing tools or technical skills. They stem from uneven judgement under uncertainty. This article explores why judgement is harder to build than knowledge, how it affects escalation and closure, and what SOC managers can...
Say hello to Alaina and Dora, the brilliant creative duo behind Security Blue Team’s distinctive look and feel. As our...
Step into the world of David Elliott, Security Blue Team’s Principal Defensive Content Engineer, whose creative flair and technical expertise...
Ransomware training helps cybersecurity professionals move beyond technical response to become trusted contributors during high-pressure incidents. By understanding attacker behavior, business impact, negotiation dynamics, and the full incident lifecycle, practitioners gain credibility across technical, legal, and executive teams. This practical, real-world knowledge builds confidence, expands career options across multiple security...
CVSS, or Common Vulnerability Scoring System, is a standardized framework used to assess and communicate the severity of software vulnerabilities. It provides a numerical score representing the vulnerability’s potential impact, helping security professionals and organizations prioritize their responses to different security threats.
Embark on a journey into the shadows of malware persistence where malicious software meets the art of invisibility, and how a legitimate Windows feature such as IFEO becomes a weapon in the hands of crafty threat actors.
There has been a lot of talk recently about ChatGPT and its implications for a wide range of industries. Potential applications are vast, including creative design, technical writing, and programming. In this article, we will explore some of the potential applications within the realm of cybersecurity — as well as...
In this blog post, we’ll investigate the fascinating details regarding CVE-2023–47246 SysAid On-Prem Software Vulnerability and uncover how attackers are compromising endpoints. This blog will also discuss how Lace Tempest weaponizes GraceWire Loader or Turtle Loader, and how to recognize the indicators of compromise (IOCs) from active exploitation.
We’re delighted to announce exciting new partnerships with two fantastic organizations. This is part of our mission to give back to the community and support people at all stages of their cybersecurity training and career development.
Wouter van den Bergh is the volunteer teacher delivering our BTL1 certification to students taking part in Cyberworkplace’s new training initiative.
