Step into the world of David Elliott, Security Blue Team’s Principal Defensive Content Engineer, whose creative flair and technical expertise shape cutting-edge cybersecurity training. From building realistic scenarios to mentoring talent, David’s work strengthens SBT’s technical team, helping clients master cyber defences. Dive into his story, from RAF roots to...
The first 24 hours after a ransomware attack can determine how effectively your organization recovers. This guide walks through a...
When a security incident hits, missing or messy telemetry can cripple detection and response. Many SOC teams either drown in...
Cybersecurity professionals face unique pressures: relentless threats, constant vigilance, and the emotional toll of protecting others. This blog explores how factors like burnout, alert fatigue, imposter syndrome, and isolation impact mental health, while offering strategies for resilience. It also introduces a free Security Blue Team course designed to help individuals...
"Why did the chicken cross the road?" This common riddle is typically answered with, "To get to the other side." Interestingly, this simple joke metaphorically aligns with the tactics, techniques, and procedures (TTPs) of the threat actor we will be discussing, specifically how they infiltrate their targets' environments to steal...
We explore what it means to be a content engineer, an exciting career emerging within the cybersecurity industry. This piece is authored by our esteemed Defensive Content Engineer, Malik Girondin. With his experience as a cybersecurity instructor for various organizations and as a YouTuber, he has established numerous labs to...
This post will delve into Python's involvement in ransomware, focusing on Cryptonite ransomware. We will explore how Python's ease of use and versatility facilitate the development of this digital threat, examine its mechanics, and discuss how the relative ease of decompiling Python code introduces new risks.
The brainchild of James Weston, Forensics and Investigations Manager at a global telecommunications company, and Security Blue Team founder, Joshua Beaman, the Insider Threat Matrix™ (ITM) was born out of a lack of any formalized framework for discussing insider threat.
In recent events, IT outages have become not only a significant inconvenience for businesses but also an opportunity for cybercriminals to deploy malware.
Knowing what log data to collect and where to collect it from is key to gaining a comprehensive view of your environment and, in turn, enhancing security. Let's examine further.
