The Benefits of Sentinel’s Migration to the Unified Defender XDR Portal Through Security, Operational, and Commercial Lenses
December 26, 2025 | James Kucan
A SOC Toolbelt: Best Practices for Security Operations
August 07, 2025 | Nikki Stanziale
A SOC Toolbelt
Stories from the SOC – ClickFix and Chill, Now Here’s the Ransomware Bill
June 18, 2025 | Anthony Alvarado
Background
Stories from the SOC: Caught in the Trap: Detecting and Defending Against RaccoonO365 Phishing Campaigns
January 17, 2025 | Julius Charles, Alejandro Prada, and Josh Gomez
Executive Summary In September 2024, LevelBlue conducted a comprehensive threat ...
How Microsoft E5 Security Helps Protect Healthcare and Patient Data
October 10, 2024
In the healthcare industry, safeguarding patient data is not just a regulatory ...
Stories from the SOC - Sowing the Seeds of Cybercrime: The Credential Harvester
August 08, 2024 | Sean Shirley
Executive Summary Cyber attackers are constantly innovating new ways to ...
Navigating the Cybersecurity Landscape: A Deep Dive into Effective SIEM Strategies
July 02, 2024 | Sam Bocetta
The content of this post is solely the responsibility of the author. LevelBlue ...
Introduction to Software Composition Analysis and How to Select an SCA Tool
April 17, 2024 | Alex Vakulov
The content of this post is solely the responsibility of the author. LevelBlue ...
The modern next gen SOC powered by AI
February 21, 2024 | Matt Mui
AI is among the most disruptive technologies of our time. While AI/ML has been ...
DarkGate malware delivered via Microsoft Teams - detection and response
January 30, 2024 | Peter Boyle
Executive summary While most end users are well-acquainted with the dangers of ...
Cybersecurity operations in 2024: The SOC of the future
January 17, 2024 | Theresa Lanowitz
This is part two of a three-part series written by LevelBlue evangelist Theresa ...
Stories from the SOC - The case for human response actions
February 23, 2023 | Edwardo Rodriguez
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC - RapperBot, Mirai Botnet - C2, CDIR Drop over SSH
January 31, 2023 | Emine Akbulut
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC: Fortinet authentication bypass observed in the wild
November 14, 2022 | Amer Amer
Executive summary: Fortinet’s newest vulnerability, CVE-2022-40684, allowing ...
How can SOC analysts use the cyber kill chain?
July 07, 2022 | Shigraf Aijaz
This blog was written by an independent guest blogger.
Stories from the SOC - Detecting internal reconnaissance
June 27, 2022 | Nathan Vail
Stories from the SOC is a blog series that describes recent real-world security ...
Suspicious behavior: OTX Indicator of Compromise - Detection & response
May 25, 2022 | Julius Charles
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC - Persistent malware
May 16, 2022 | Adam Vertuca
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC - Command and Control
May 09, 2022 | Robert Dean
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC - Lateral movement using default accounts
April 19, 2022 | Robert Dean
Stories from the SOC is a blog series that describes recent real-world security ...
Working with MSSPs to optimize XDR
March 08, 2022 | Michael Vaughn
Businesses today have many tools in their security stack and security teams ...
Stories from the SOC - Inactive Account Exploitation
January 24, 2022 | Alex Galindo
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC - Powershell, Proxyshell, Conti TTPs OH MY!
November 10, 2021 | Josh Gomez
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC - Data exfiltration
October 11, 2021 | Julius Charles
Stories from the SOC is a blog series that describes recent real-world security ...
Top 4 Considerations When choosing an XDR solution
September 28, 2021 | Rich Langston
Cybersecurity is a fast-moving space. In fact, it’s hard to think of a time ...
The meaning behind XDR: A beginner’s guide to extended detection and response
September 22, 2021 | Belinda Streak
Where we are In the world of threat detection and response, alert fatigue and ...