Insights & expertise

Discover unprotected endpoints in your Microsoft environment. Step-by-step guide to MDE discovery tools and automated solutions.

Learn how to configure DKIM and DMARC in Microsoft 365 to prevent email spoofing and improve deliverability. Includes setup steps and monitoring guidance.

Learn how to identify unmanaged and BYOD devices using identity logs, MDM systems, and network data to close security gaps and prevent ransomware.

The technical controls required for cyber insurance shouldn't just be about checking the box. Constantly monitoring and validating those tools is the difference between real resilience and your claim not getting paid out.

From device management to MFA enforcement, understanding how your environment is secured at any given time is a critical element for insurance and audits.

Learn why cyber insurance claims get rejected. From Hamilton's $18M denial to EDR gaps, discover which control failures void coverage.

Passive Mode is an effective tool in Microsoft Defender Antivirus to manage CPU usage, but only when paired with another active antivirus on the device. Understanding how to find and manage Passive Mode devices is key to ensuring a secure environment.

Prelude announces foundational integrations with Tenable and Qualys to surface gaps in vulnerability scans that pose risk to security and compliance efforts.

Operationalizing continuous control monitoring and threat exposure management doesn't need to be a drain on your team.

Learn how to configure CrowdStrike's Volume Shadow Copy protection to block ransomware from deleting backup snapshots. Includes setup, verification, and monitoring guidance.

Explore MITRE ATT&CK techniques used by Scattered Spider in major recent UK retailer cyberattacks and how to evaluate your own organization's defenses.

Mapping your security configuration to frameworks like MITRE ATT&CK can expose coverage gaps and policy miscues, but often requires intensive manual effort.

Email security tools provide a wealth of settings to hone defenses against phishing threats, but knowing whether they're enabled can be a challenge.

Knowing what to secure is more than half the battle of security. Taking inventory across multiple, disparate security tools often paints an incomplete picture of what exists in your environment.

Reduced Functionality Mode (RFM) prevents the Falcon sensor from running expected detection and prevention activities, hampering CrowdStrike's ability to proactively manage threats.

Finding missing controls, updating critical policies, and evaluating configurations against relevant threats are just some of the ways you can leverage Prelude.

Discover how EDR remains a critical cybersecurity tool, the challenge of talent shortages, and how to make the most of tight budgets.

Security control investments often require the approval of multiple executive stakeholders, including your board. Justifying the investment means framing it as more than just a necessity, but a business outcome.

Deploying a robust CTEM program can reduce operational load while mitigating your risk against an increasing number of vulnerabilities.

Matt Hand, Director of Security Research and author of "Evading EDR" provides their perspective on their career and the future of security control validation.