Cortex XSOAR Tips & Tricks – Execute Command Function

This entry is part 2 of 9 in the series Cortex XSOAR Tips & Tricks

Introduction When developing the automated SOC workflows for the NVISO Managed SOC and the additional NITRO services on Cortex XSOAR, we have started to make use of automations to do complex tasks instead of playbooks. Automations have much better performances and, if your team has a decent level of Python skills, developing complex tasks in … Continue reading Cortex XSOAR Tips & Tricks – Execute Command Function →

Cortex XSOAR Tips & Tricks

This entry is part 1 of 9 in the series Cortex XSOAR Tips & Tricks

Introduction With our Managed Detect and Respond (MDR) service, NVISO provides a managed Security Operations Center (SOC) for a large variety of clients across different industries. Since the beginning of this service, we had an “automate first” principle where we tried to automate as much of the repetitive tasks of the SOC analysts as possible, … Continue reading Cortex XSOAR Tips & Tricks →

Automated spam detection in Palo Alto Cortex XSOAR

Introduction With our Managed Detect and Respond (MDR) service at NVISO we provide a managed Security Operations Center (SOC) for a large variety of clients across different industries. In our SOC, we rely heavily on automations performed by our SOAR platform Palo Alto Cortex XSOAR to minimize the manual tasks that need to be done … Continue reading Automated spam detection in Palo Alto Cortex XSOAR →

Phish, Phished, Phisher: A Quick Peek Inside a Telegram Harvester

In one of the smaller campaigns we monitored last month (September 2021), the threat actor inadvertently exposed Telegram credentials to their harvester. This opportunity provided us some insight into their operations; a peek behind the curtains we wanted to share.

Going beyond traditional metrics: 3 key strategies to measuring your SOC performance

Establishing a Security Operation Center is a great way to reduce the risk of cyber attacks damaging your organization by detecting and investigating suspicious events derived from infrastructure and network data. In traditionally heavily regulated industries such as banking, the motivation to establish a SOC is often further complimented by a regulatory requirement. It is … Continue reading Going beyond traditional metrics: 3 key strategies to measuring your SOC performance →