Our Blog
Check back for weekly updates
Three Considerations for Measuring Return on Investment from Threat Hunting
BlogThree Considerations for Measuring Return on Investment from Threat Hunting Threat hunting often has ill-defined metrics for organizations attempting to measure “return on investment.” If an analyst isn’t finding bad actors in the environment, leadership may...
An Inside Look at Advanced Attacker TTPs and the Danger of Relying on Industry-based Threat Intelligence
BlogAn Inside Look at Advanced Attacker TTPs and the Danger of Relying on Industry-based Threat Intelligence Many organizations use threat intelligence from industry peers to prioritize vulnerability management and assign criticality when there is not enough existing...
Two Considerations for Building a Security Program Grounded in Diversity and Inclusion
BlogTwo Considerations for Building a Security Program Grounded in Diversity and Inclusion Corporate security programs for major organizations deal with a variety of threats at a staggering global scale and there are playbooks to deal with many of these issues. Above...
Three Considerations for Getting Early Wins from an Insider Threat Program
BlogThree Considerations for Getting Early Wins from an Insider Threat Program Building an insider threat program can be a cultural shift for an organization that values transparency and openness with its workforce. Below are some considerations for demonstrating...
Unexpected Benefits of Third Party Risk Management
BlogUnexpected Benefits of Third Party Risk Management One of the most interesting engagements we’ve seen at Nisos, and there have been many, is straight out of a binge-worthy Netflix drama. A publicly-traded company enters a new business partnership with a seemingly...
Cyber Threat Intelligence: The Firehose of Noise and How We Got Here
BlogCyber Threat Intelligence: The Firehose of Noise and How We Got Here Threat intelligence feeds have become popular, and a company's ability to track threats outside of its own environment is better than ever. With these improvements though, has come an increasing...
Considerations for Securing Container Environments
BlogConsiderations for Security Controls in Containerized and Virtual Environments Containers are popular because they are a cost-effective way to build, package, and promote an application or service, and all its dependencies, throughout its entire lifecycle and...
Considerations for Security Controls in Containerized and Virtual Environments
Current security controls will need to be re-defined based on how we protect the enterprise with two primary considerations: containerized and virtualized environments according to CIO…
Leveraging Technical Expertise & Data Partnerships to Combat Disinformation
Argument – fierce, bold, and impassioned – has been at the heart of our American democracy since the founding…
The Nisos Dogpile
BlogThe Nisos Dogpile As co-founders, Justin and I have had thousands of conversations about Nisos with prospects, clients, investors, and peers in the cybersecurity and investigations industry. The question always comes up, “How are you different?” One of the...
Real Cyber Intelligence Tells a SOC What Its Security Stack Cannot Detect
BlogReal Cyber Intelligence Tells a SOC What Its Security Stack Cannot Detect Actionable cyber threat intelligence should inform a security operations center’s prioritization of the most critical applications and infrastructure to the business and threat hunt program...
Threat Intelligence Through the Eyes of Adversaries
BlogThreat Intelligence Through the Eyes of Adversaries Any adversary conducts reconnaissance on a potential target with one question in mind: is the time and resources for research, development, and exploitation, going to be worth the gain? Below are four insights on...
How to Use Context to Secure Your Platforms
BlogHow to Use Context to Secure Your Platforms Attribution often gets a bad name in the cybersecurity industry. Attribution can be challenging and may not lead to a direct business outcome is a common refrain. Companies that operate digital platforms have a unique...
Common Network Segmentation Strategies for Production Environments
BlogCommon Network Segmentation Strategies for Production Environments Business needs for all company sizes increasingly require managed production environments to perform critical computational and data storage roles that are often administered by company IT...
Three Steps to Work with the Business and Get Your Security Team a Seat at the Table
BlogThree Steps to Work with the Business and Get Your Security Team a Seat at the Table Corporations big and small at least place some emphasis on cybersecurity, but when it comes to establishing a company strategy with data security in mind, many security leaders...
Stay up to the minute
Subscribe to our blog to get notified of updates in your inbox.