Sean Gavin

Author's Posts

Mature Your Threat Intelligence Program: How to Measure, Benchmark, and Improve Intel Fidelity

When you think of threat intelligence, what comes to mind? Collections of IP addresses, hashes, maybe domains? Like many organizations, you may have many intelligence feeds with thousands of these indicators. How do you make sense of it? How do you create actionable decisions based on these? How do you measure the fidelity of your […]

Protect Your Organization from BYOD Security Risks With These 6 Steps

In today’s workforce, the use of personal mobile devices for work has become the norm. This new environment is what we call Bring Your Own Device (BYOD). While BYOD environments provide many benefits to enterprises, such as reduced cost, increased flexibility, and increased employee productivity, they are also accompanied by security concerns, such as introducing […]

Healthcare Industry Spotlight: Tips for Detecting and Investigating Common Insider Threats

In the healthcare industry, insider threats typically take the form of an authorized individual abusing access to resources such as healthcare networks or electronic healthcare systems. In order to protect the business from unauthorized access, disclosure, modifications, or destruction, you need visibility into your information and information systems. A recent example of an insider threat […]

Your Security Team’s Top 4 Investigation Challenges That Could Be Solved With Automation

Consistent and efficient investigations, quick response times, and a proactive team… sound too good to be true? In reality, most security teams suffer through inefficiencies and alert fatigue that could be resolved through security automation. Many organizations are uncertain of where and how to begin on the journey to automation, often stemming from a lack […]

5 Ways to Use Continuous Attack Simulations to Validate Your Security Controls

How confident are security teams that their controls will catch attacks when they arise? Ask around, and you might notice a theme: as enterprise security models grow in complexity, teams struggle to validate their security controls, increasing the likelihood of undetected breaches, gaps in protection, and weaknesses from unpatched systems. These scenarios are indeed worrisome, […]

GreyMatter’s Partner Ecosystem: Dozens of Integrations = One Unified View

Security teams have been loading up on disparate technologies to better defend their environments for the past several years. The result: with multiple tool sets and data living in numerous locations, it’s difficult to have confidence that you have enough visibility to protect your business against threats. Not to mention, each technology has its own […]