We’ve expanded our partnership with Mandiant, now part of Google Cloud, to help our users operationalize and prioritize threat intelligence. READ THE PRESS RELEASE >

Threat Profiles: Figuring Out Which Threats Matter

threat profile

What are Threat Profiles? In a typical security operations center (SOC), the threat detection and response teams have one key objective: identify and stop the bad guys. To do so, they invest in the best tools, recruit the best team members, and work tirelessly to stay ahead of any potential security incidents that might be […]

SnapAttack Platform Integrations

SnapAttack Platform Integrations

DOWNLOAD NOW > What’s in this Datasheet? SnapAttack was built to power not just one tool, but to help you get the most out of any security tool. Download to view the security tools with which SnapAttack has translation and API integrations. DOWNLOAD >

Hunting Impacket: Part 2

Hunting Impacket Part 2

Impacket Overview Welcome back. This is part two of our blog series covering the Impacket example tools. Impacket is a collection of Python classes focused on providing tools to understand and manipulate low-level network protocols. This capability enables you to craft or decode packets of a wide variety of protocols such as IP, TCP, UDP, […]

Google Chronicle and SnapAttack

Google Chronicle x SnapAttack Datasheet

DOWNLOAD NOW > What’s in this Datasheet? SnapAttack is an intelligence-driven threat detection platform that provides threat-specific detection rules and hunting searches, recommended based off of an organization’s unique threat profile, for teams to quickly and easily implement in Chronicle. DOWNLOAD >

Hunting Impacket: Part 1

Hunting Impacket

Impacket Overview Impacket is a collection of Python classes focused on providing tools to understand and manipulate low-level network protocols. This capability enables you to craft or decode packets of a wide variety of protocols such as IP, TCP, UDP, ICMP, and even higher-level protocols like SMB, MSRPC, NetBIOS, and others.One of the key strengths […]

How to Measure Threat Hunting ROI

How to Measure Threat Hunting ROI

The Problem with Threat Hunting Metrics Threat hunting is a massive commitment of time, resources, team members, and technology. Any investment that impactful would normally be one that was carefully measured to ensure it was driving sufficient value for the team. The thing is, there’s no established benchmark of “success” in threat hunting. Measuring the […]

Creating Actionable Threat Intelligence for Threat Hunters

Creating Actionable Threat Intelligence for Threat Hunters

Ask any security leader and they’ll tell you actionable threat intelligence is the cornerstone of a successful, threat-informed security operations center (SOC). However, to be of any real value to the team, threat intelligence needs to be relevant, timely, and supportive of next steps for the teams that utilize it. Due to the sheer volume […]

SnapAttack ThreatLabs: How to Detect CVE-2023-46214

How to Detect CVE-2023-46214 SnapAttack ThreatLabs

Authored by Trenton Tait Threat Researcher at SnapAttack Linkedin Table of Contents: Intro + Overview Exploitation Example MITRE Mitigations Conclusion Detections, Attack Captures, and Resources CVE-2023-46214 is identified as a Remote Code Execution (RCE) vulnerability within Splunk Enterprise, as reported in the Splunk security advisory SVD-2023-1104 on November 16, 2023. Successful exploitation of this vulnerability […]

Threat Management isn’t Fantasy Football

Threat Management isn’t Fantasy Football

Get your access to the webinar recording: Duration: 58 minutes    |    Partnering webinar with: Google Cloud Security About the Webinar Find out how to build and operate a game-winning threat management strategy by aligning your team, automating cumbersome processes, and measuring the right metrics (the ones that matter to your unique SOC). Join us […]

Accelerate SOC Maturity with Threat Hunting

Accelerate SOC Maturity with Threat Hunting

Table of Contents: What Is SOC Maturity? Why Is It Important? What Does a Mature SOC Look Like? What Holds Organizations Back from Threat Hunting? Threat Hunting Benefits: Why Is Threat Hunting Important for SOC Maturity? What Is SOC Maturity? Why Is It Important? SOC leaders who got their start in security 10 or 20 […]