SOC metrics like alerts triaged and threats detected only tell part of the story, especially in financial services where performance is measured in risk, exposure, and business impact. This article explores how to reframe key metrics such as MTTR, containment time, and risk reduction to better align with financial outcomes,...
Meet Jess (Jessica Ryder), Security Blue Team’s HR Manager, leading the HR function across recruitment, onboarding, and employee relations. She...
Often, salary is blamed for SOC churn, but in reality it often is not the primary reason SOC analysts leave....
Locked Shields is as close as it gets to a real-world cyber war without it actually happening. This post breaks down what it’s like to support NATO’s largest live-fire exercise, the scenarios we built, and what training at that scale really looks like when pressure, complexity, and realism all come...
Welcome to our first Faces of SBT blog post, where we’ll be showcasing a member of our team and giving you a behind-the-scenes look at what it’s like to work at SBT. First up is Trevor, our Director of Cloud Services.
Digital forensics is a niche field within cybersecurity, and its subfield, “Browser Forensics,” is less known. Despite that, it is a crucial skill as it can provide abundant information to investigators.
Welcome to the very first SBT Wrapped, where we’ll be sharing some stats from the past year.
We decided to experiment: How effective is data exfiltration via RDP?
Live acquisition is a computer forensics technique that involves collecting data from a running computer system, rather than one that is powered off or dormant. The goal is to capture volatile forensic data, such as that in the main memory (RAM) while minimizing any impact on the system’s integrity. This...
A Command and Control, also known as a C2 or C&C server, is an essential tool for cybercriminals and hackers, acting as the central hub for managing and coordinating malicious activities such as data breaches, malware distribution, and cyberattacks.
