WEBINAR | A Deep-Dive into 2023 Cyber Threats
Reduce Alert Noise and False Positives
Boost your team's productivity by cutting down alert noise and false positives.
Automate Security Operations
Boost efficiency, reduce burnout, and better manage risk through automation.
Dark Web Monitoring
Online protection tuned to the need of your business.
Maximize Existing Security Investments
Improve efficiencies from existing investments in security tools.
Beyond MDR
Move your security operations beyond the limitations of MDR.
Secure with Microsoft 365 E5
Boost the power of Microsoft 365 E5 security.
Secure Multi-Cloud Environments
Improve cloud security and overcome complexity across multi-cloud environments.
Secure Mergers and Acquisitions
Control cyber risk for business acquisitions and dispersed business units.
Operational Technology
Solve security operations challenges affecting critical operational technology (OT) infrastructure.
Force-Multiply Your Security Operations
Whether you’re just starting your security journey, need to up your game, or you’re not happy with an existing service, we can help you to achieve your security goals.
Detection Investigation Response
Modernize Detection, Investigation, Response with a Security Operations Platform.
Threat Hunting
Locate and eliminate lurking threats with ReliaQuest GreyMatter
Threat Intelligence
Find cyber threats that have evaded your defenses.
Model Index
Security metrics to manage and improve security operations.
Breach and Attack Simulation
GreyMatter Verify is ReliaQuest’s automated breach and attack simulation capability.
Digital Risk Protection
Continuous monitoring of open, deep, and dark web sources to identify threats.
Phishing Analyzer
GreyMatter Phishing Analyzer removes the abuse mailbox management by automating the DIR process for you.
Integration Partners
The GreyMatter cloud-native Open XDR platform integrates with a fast-growing number of market-leading technologies.
Unify and Optimize Your Security Operations
ReliaQuest GreyMatter is a security operations platform built on an open XDR architecture and designed to help security teams increase visibility, reduce complexity, and manage risk across their security tools, including on-premises, clouds, networks, and endpoints.
Blog
Company Blog
Case Studies
Brands of the world trust ReliaQuest to achieve their security goals.
Data Sheets
Learn how to achieve your security outcomes faster with ReliaQuest GreyMatter.
eBooks
The latest security trends and perspectives to help inform your security operations.
Industry Guides and Reports
The latest security research and industry reports.
Podcasts
Catch up on the latest cybersecurity podcasts, and mindset moments from our very own mental performance coaches.
Solution Briefs
A deep dive on how ReliaQuest GreyMatter addresses security challenges.
White Papers
The latest white papers focused on security operations strategy, technology & insight.
Videos
Current and future SOC trends presented by our security experts.
Events & Webinars
Explore all upcoming company events, in-person and on-demand webinars
ReliaQuest ResourceCenter
From prevention techniques to emerging security trends, our comprehensive library can arm you with the tools you need to improve your security posture.
Threat Research
Get the latest threat analysis from the ReliaQuest Threat Research Team. ReliaQuest ShadowTalk Weekly podcast featuring discussions on the latest cybersecurity news and threat research.
Shadow Talk
ReliaQuest's ShadowTalk is a weekly podcast featuring discussions on the latest cybersecurity news and threat research. ShadowTalk's hosts come from threat intelligence, threat hunting, security research, and leadership backgrounds providing practical perspectives on the week's top cybersecurity stories.
April 25, 2024
About ReliaQuest
We bring our best attitude, energy and effort to everything we do, every day, to make security possible.
Leadership
Security is a team sport.
No Show Dogs Podcast
Mental Performance Coaches Derin McMains and Dr. Nicole Detling interview world-class performers across multiple industries.
Make It Possible
Make It Possible reflects our focus on bringing cybersecurity awareness to our communities and enabling the next generation of cybersecurity professionals.
Careers
Join our world-class team.
Press and Media Coverage
ReliaQuest newsroom covering the latest press release and media coverage.
Become a Channel Partner
When you partner with ReliaQuest, you help deliver world-class cybersecurity solutions.
Contact Us
How can we help you?
A Mindset Like No Other in the Industry
Many companies tout their cultures; at ReliaQuest, we share a mindset. We focus on four values every day to make security possible: being accountable, helpful, adaptable, and focused. These values drive development of our platform, relationships with our customers and partners, and further the ReliaQuest promise of security confidence across our customers and our own teams.
More results...
As intelligence analysts, our day-to-day is looking at lots of different information and discovering trends or different viewpoints. The research might be for generating a product such as a blog or a client request-for-information, or maybe it’s a pet project to investigate further over time, or perhaps the research sits in a long-forgotten folder as there just wasn’t enough data to lead to an interesting conclusion. It may even just be us nerding out about the intelligence cycle. Sometimes the tip-off on activity comes via your own resources. Still, there are times when other researchers or even journalists have the fastest and best access to critical information.
At Digital Shadows (now ReliaQuest), in addition to our own data collection, we’re constantly scouring the internet for various blogs and news articles to drive intelligence updates that help us and our clients stay ahead of the latest threats and trends. We usually come across blogs and articles that get us excited and thinking. Usually, these blogs have a “back-to-basics” theme related to security or intelligence or give us a different perspective about a particular event. However, given all of the recent news about ransomware attacks, we’re steering away from that for sanity’s sake to talk about the articles that probably flew under the radar. These writers have valuable information and informative writing to give us all something to consider. Or, to paraphrase an old C+C Music Factory song from the mid-’90s, these are the blogs that make you go “Hmmmmm…”
Anomali’s AJ Nash wrote a piece about how we need to think about our own self-reliance and self-defense regarding security. Sometimes the security tools don’t catch everything, and users genuinely are the last line of defense–and sometimes even the first and only defense.
“…There is no reason you should not be the protector of your information.” (Anomali)
With so much news revolving around some very public and extensive ransomware attacks lately, I know there have been lots of questions lately about cybersecurity between me and other friends and colleagues in the industry. Much of it is probably due in part to all of the press it’s receiving.
AJ does an excellent job for end-users by describing the various threats, putting them into easy-to-digest terms, and discussing various applications, techniques, and other technologies that can help mitigate user and enterprise security risk. My favorite takeaway line from AJ is, “with all the free tools offered and all the techniques to put into action, there is no reason you should not be the protector of your information.”
We wholeheartedly agree, AJ, especially in past blogs we’ve written about making better passwords and keeping your PII safe. Also, for visual data geeks like me, this article includes a helpful graphic that explains why passwords should be complicated and why lengthy passwords do matter. It boils down to whether you would like an attacker to spend 30 seconds cracking your passwords or 30 million years. We prefer the latter option.
Read it here.
John Conwell and Tim Helming over at DomainTools did all of us in threat intelligence an absolute service by diving into a phenomenon that many of us have tried to understand since the start of the pandemic last year. Essentially, trying to figure out how various scammers and threat actors were attempting to weaponize the COVID pandemic, especially in relation to malicious websites and domains. We saw it happening daily in a previous life, but trying to attribute it and track it in a formulaic way was tough. Having it make sense to customers and being somewhat actionable and predictive was also a challenge.
“Mapping out the online response to different world events is the first step in being able to identify what themes threat actors are targeting…” (DomainTools)
Well, these guys just blew the doors off the phenomenon while also blowing my mind. The article addresses “domain blooms,” which often result after a major world event. In the wake of a significant event, such as the outbreak of COVID, attackers latch on to specific phrasing or words more than others due to more frequent use and turn that against the general public. They may also use a type of algorithm that generates different permutations to give several domains for attackers to exploit. The tricky part is that while these are legitimate domains being registered in many cases, in some cases, they’re speculators trying to make money from parked domains or, more likely, in use to serve a malicious purpose.
The key is understanding where the malicious domains are amidst all the noise of legitimate ones being registered and how an attacker might use them.
Either way, the research is fascinating and adds more context to getting ahead of the campaigns and attackers out there, especially in the future. Pro tip: Beware, there is math in the article, so for those of you who are still wary of equations, you may want to skip that section.
At Digital Shadows (now ReliaQuest), we love when Rick Holland steps to the mic to drop bars because he usually finds a great way to explain strategy and perspective for cybersecurity. These are some of the skills needed to become a pretty good CISO and intel and security professional.
“Think of the EO as a good first step in what I hope will be the last wake-up call in a long line of wake-up calls.” —Rick Holland, CISO at Digital Shadows (now ReliaQuest)
In any case, our fearless leader recently wrote a guest column for SC Magazine that manages to boil down almost 20 pages of Executive Order government-speak into a very readable summary and opinion. In short, Rick applauds the call to action but also worries about whether there will be enough cooperation in government and industry to make all of the concerns and implementations work and whether there will be enough patience and funding to go around to help drive these initiatives. The timing of the EO is fitting, given how much we’re talking about cybersecurity now as a society. Still, Rick also brings up the notion that this should be hopefully the last time we have to do this for a while. Many previous government-led and industry-centered changes helped foster innovation: They helped drive better standards from which we all benefit now. Hopefully, they will continue to get us better at security.
We hope to continue this series so that you can see some gems from the brilliant minds at work on the security problems we’re all facing. If you think you might be facing some challenges with personal information exposed on the web or have concerns about your domains being used maliciously, SearchLight (now ReliaQuest’s GreyMatter Digital Risk Protection) can help you look at where your risk is with a free demo request.