A SOC Toolbelt: Best Practices for Security Operations
August 07, 2025 | Nikki Stanziale
Stories from the SOC – ClickFix and Chill, Now Here’s the Ransomware Bill
June 18, 2025 | Anthony Alvarado
Background
LevelBlue SOC Analysts See Sharp Rise in Cyber Threats: Stay Vigilant
December 11, 2024 | Dustin Swening and Kenneth Ng
This holiday season our SOC analysts have observed a sharp uptick in cyber ...
Stories from the SOC: Registry Clues to PDF Blues: A Tale of PUA Persistence
November 21, 2024 | Jeff Kieschnick
Executive Summary: Establishing persistence on a system allows a threat actor ...
Reducing Alert Fatigue by Streamlining SOC Processes
October 07, 2024 | Katrina Thompson
The content of this post is solely the responsibility of the author. LevelBlue ...
The modern next gen SOC powered by AI
February 21, 2024 | Matt Mui
AI is among the most disruptive technologies of our time. While AI/ML has been ...
Cybersecurity operations in 2024: The SOC of the future
January 17, 2024 | Theresa Lanowitz
This is part two of a three-part series written by LevelBlue evangelist Theresa ...
Stories from the SOC: Fighting back against credential harvesting with ProofPoint
June 29, 2023 | Emine Akbulut
Executive summary: Credential harvesting is a technique that hackers use to gain ...
Threat Hunt: KillNet’s DDoS HEAD Flood Attacks - cc.py
June 14, 2023 | Samad Khawaja
Executive Summary: Killnet is a hacktivist group based in Russia that has been ...
Stories from the SOC - The case for human response actions
February 23, 2023 | Edwardo Rodriguez
Stories from the SOC is a blog series that describes recent real-world security ...
GuLoader – a highly effective and versatile malware that can evade detection
February 15, 2023 | Luke Song
The content of this post is solely the responsibility of the author. LevelBlue ...
How can SOC analysts use the cyber kill chain?
July 07, 2022 | Shigraf Aijaz
This blog was written by an independent guest blogger.
Stories from the SOC - Office 365 account compromise and credential abuse
June 23, 2021 | Marcus Hogan
Stories from the SOC is a blog series that describes recent real-world security ...
Benefits of a security operations center (SOC)
June 18, 2020 | Ericka Chickowski
This blog was written by an independent guest blogger.
Stories from the SOC- RIG Exploit Kit
March 30, 2020 | Andrew Lukosevic
Executive summary: Stories from the SOC is a blog series that describes recent ...
Why security monitoring falls short and what can be done about it
September 27, 2019 | Aaron Sierra
Who Would You Hire in Your SOC?
December 10, 2018 | Kate Brew
I got curious about what kind of people are most desired in a Security ...
Cybersecurity & Formula 1 Racing - It's a Profession
November 01, 2018 | Ori Arbel
This is perspective from one of our MSSP partners, CyberHat.
Tales from the SOC: The Simulated Attack
March 27, 2018 | Matt Kimpel
Introduction: In today’s world, understanding threats and how to avoid them are ...
Great MSSP Advice from a Seasoned InfoSec Veteran
February 14, 2017 | Sam Tormey
I spoke with security expert Steve Wood about daily life as a security analyst. ...
Turning Your MSP NOC into a MSSP SOC
June 16, 2016 | Kate Brew
Years ago the Network Operations Center (NOC) was well known, but few had heard ...