Blog


A Start-up view on Automated Deployments

Why “mediocrity” is your friend (for now at least)

SOC.OS is a security alert correlation, enrichment and prioritisation tool that was born in an internal incubator program at BAE Systems Applied Intelligence. In June 2020, the SOC.OS team and product…

  • 7 min read
  • Alix Wilcock
  • February 4, 2021

The Needle in the Needlestack

After a great deal of time spent on video calls to friends and family describing the rollercoaster year the SOC.OS team has just had, I often found myself answering questions such as: Is a cybersecurity alert like a mobile notification?…

  • 11 min read
  • Ben Trew
  • January 13, 2021

Lateral Movement 101: what is it and how do attackers do it

Lateral movement is often mentioned in write-ups of multi-stage cyber-attacks. But what is it? Otherwise known as MITRE ATT&CK®’s Tactic TA0008, lateral movement is used by adversaries to navigate their way through a victim’s network. Typically, they’ll exploit vulnerabilities and…

  • 4 min read
  • Nuala Armstrong-Walsh
  • December 23, 2020

Life as an Intern at SOC.OS

I joined SOC.OS in August of 2020, approximately a month and a half after their spin out from BAE Systems Applied Intelligence. At SOC.OS, the team are dedicated to fostering an environment of constant improvement – that of the product…

  • 5 min read
  • Nuala Armstrong-Walsh
  • December 17, 2020

How to: Mapping Alerts to the MITRE ATT&CK® framework.

In the ongoing fight against cyber-threats, alert mapping is a useful tool for security analysts. It allows organisations to build an “alert library” via which they can better understand and contextualise threats going forward. As such, it’s fundamental to what…

  • 3 min read
  • Nuala Armstrong-Walsh
  • November 23, 2020

Defending your castle with MITRE ATT&CK®

A knowledge gap is the discrepancy between what is known and what should be known. What is known is: The widely held preconception that the MITRE ATT&CK® framework is reserved only for large, extremely sophisticated and cyber mature organisations. At…

  • 7 min read
  • Dave Mareels
  • October 19, 2020