Recent blog posts

Building a SOC That Scales Without Burning People Out
Joshua Beaman 26/01/2026

Burnout in SOCs is rarely about individual resilience and more often about how work is designed and sustained. This article explores how alert noise, context switching, and constant vigilance quietly erode performance over time, and what resilient SOCs do differently to protect judgement, focus, and long-term capability.

Meet Hari: One of SBT’s Project Managers Keeping Everything on Track
Duncan Whitley 26/01/2026

Meet Hari, one of Security Blue Team’s Project Managers, who helps turn complex initiatives into clear, well-coordinated outcomes. From supporting certification launches to keeping cross-functional teams aligned, Hari plays a key role in how SBT delivers at scale. Learn about her journey into cybersecurity, her passion for problem-solving, and how...

All posts

Security Blue Team’s Global Connect: A Chilly Team Adventure in Lapland
Duncan Whitley 14/03/2025

Picture a team diving into a winter wonderland where snowmobiles hunt the Northern Lights, huskies charge through snowy trails, and drinks come in glasses chiseled from ice. That’s what SBT got up to during our annual Global Connect, a company get-together that took us from Stockholm to the icy wilds...

JIT Happens: Exposing LuaJIT Malware in the Wild
SBT Content Engineers 28/02/2025

This blog series will explore Security Blue Team's adventure into the reverse engineering of a novel SmartLoader malware variant. This malware was discovered during our research into Belsen Group's high-profile FortiGate leak. This leak was advertised as containing a list of affected companies with associated configuration data from their FortiGate...

JIT Happens: Creating a malware analysis lab for Smartloader
SBT Content Engineers 28/02/2025

We need a suitable environment to detonate the malware in a repeatable fashion. This environment should allow us to substitute our mock APIs and host to ensure the malware operates as close to real as possible.

Black Basta: Unmasking the Ransomware Gang Through Leaked Chat Logs
Luis Suastegui 21/02/2025

The Black Basta ransomware gang recently made headlines for all the wrong reasons when someone using the online handle “ExploitWhispers” shared internal chat logs of the group with the public — close to a year’s worth of messages in a JSON file.

GitHub & Discord's Secret File Locker: A Hacker's Playground?
Malik Girondin 21/02/2025

This write-up is a POC (Proof of Concept) to demonstrate a potential vulnerability in GitHub and Discord that can be exploited. You are free to verify the issue, as we encourage the developers at GitHub and Discord to properly secure their systems to lower the risk of an exploit.