kkostreva@guardsight.com

About Katherine Kostreva

This author has not yet filled in any details.
So far Katherine Kostreva has created 87 blog entries.

How to Mitigate Elevated Op-Tempos with Work Instructions

2022-09-29T04:38:14+00:00

Did you know that the GuardSight Cybersecurity Teams (SECOPS/SPECOPS) develop and use Work Instructions to create and maintain a system of operational excellence? Here's what it's all about: Consistency, speed, precision, and transition are vital factors for effective Cybersecurity operations. Risks of defects to tactics, techniques, and procedures brought on by continually elevated op-tempos can be mitigated by documented instructions and training. Instructions provide teams with everything from maintaining cyberweaponry to performing analysis, dissecting malware, and preparing customer briefings. ... Read More


TomCast XXXVIII: NIST SP 800-53 Revision 5

2022-09-27T21:09:20+00:00

Hello, and welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints. Today we are continuing the series on the National Institute of Standards and Technology, otherwise referred to as NIST. We are going to jump into the NIST Special Publication 800-53 revision 5. This one doesn’t have a unique acronym either like the CSF or ... Read More


Rewire for Speed and Embed Long-Term DNA – Tabletop Exercises (TTX)

2022-09-15T00:57:23+00:00

Awesome Job! You adopted a cybersecurity mindset as part of your corporate culture. You deployed sophisticated cyber weaponry/tools to combat the cyber adversary. You employed an adequate level of competent internal cybersecurity staff. You hired a SECOPS threat detection and response company, like GuardSight, to engage the cyber enemy continuously. You implemented best practices like the principles of least privilege and layered defense. The above items are essential when readying your cybersecurity posture left ... Read More


GSPBC-1055: Reconnaissance – Search Victim-Owned Websites

2022-09-14T23:04:28+00:00

Search Victim-Owned Websites Adversaries may search websites owned by the victim for information that can be used during targeting. Victim-owned websites may contain a variety of details, including names of departments/divisions, physical locations, and data about key employees such as names, roles, and contact info (ex: Email Addresses). These sites may also have details highlighting business operations and relationships. Adversaries may search victim-owned websites to gather actionable information. Information from these sources may reveal opportunities ... Read More


TomCast XXXVII: NIST SP 800-171

2022-09-13T00:59:51+00:00

Hello, and welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints. Today we are continuing the series on the National Institute of Standards and Technology, otherwise referred to as NIST. We are going to jump into the NIST Special Publication 800-171 revision 2. This one doesn’t have a unique acronym like the CSF or the ... Read More


Four Fatigue Management Techniques Every SECOPS Team Should Use

2022-09-12T23:29:08+00:00

Did you know that GuardSight Cybersecurity Operations (SECOPS) Teams apply several Fatigue Management techniques to reduce the cognitive overload rendered by the steady operational tempo of battling the cyber enemy? Here's what it's all about: Speed and precision are critical factors for reducing the dwell time of a cyber attack. Dwell time is the time between the moment a threat actor successfully compromises assets, living undetected, and when they are discovered, contained, and entirely eradicated ... Read More


TomCast XXXVI: NIST RMF

2022-08-30T00:53:47+00:00

Hello, and welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints. Today we are continuing the series on the National Institute of Standards and Technology, otherwise referred to as NIST. The NIST Cybersecurity Framework, or NIST CSF, was the focus of last week. Today’s NIST focus will be the NIST Risk Management Framework which is the ... Read More


TomCast XXXV: NIST CSF

2022-08-30T00:42:54+00:00

Hello, and welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints. Today we are starting a new series of TomCasts that are going to focus on the National Institute of Standards and Technology, otherwise referred to as NIST. The TomCasts are going to introduce to you (if you haven’t heard of them before) various publications out ... Read More


Why SECOPS & SPECOPS Units Use An OKR Framework

2022-08-30T00:07:07+00:00

Did you know that the GuardSight Cybersecurity Services delivery teams are organized into Security Operations (SECOPS) and Special Operations (SPECOPS) units and use an Objectives and Key Results (OKR) framework to achieve their strategic Mission Objectives? Here's how it works: GuardSight SECOPS teams are primarily responsible for handling day-to-day cyber hygiene activities and making daily contact with the cyber enemy. These teams are squads of less than fifteen members and are classified as Team-1, Team-3, Team-n, ... Read More


Cybereason and GuardSight Joint Solution Brief

2022-08-17T01:53:59+00:00

MANAGED SECURITY OPERATIONS AND INCIDENT RESPONSE (IR) FOR ANY SIZE ORGANIZATION CYBEREASON AND GUARDSIGHT As workspaces continue to evolve, organizations are faced with the challenge of building, managing, and maintaining a security solution that will stand up against today’s advanced attacks. Organizations, however, are not the only ones evolving. Adversaries are constantly developing new tactics, techniques and procedures (TTPs) designed specifically to infiltrate a network and carry out an attack. Maintaining a ... Read More
