Blogs

Modern SIEM Efficiency Starts at Ingestion: How Microsoft Sentinel’s Data Collection Rules (DCRs) Shape Detection Value

09-06-2025

In this blog post, we explore the vital role of selective data collection in modern security operations and examine how Microsoft Azure Sentinel addresses this challenge using its powerful Data Collection Rules (DCRs). Whilst the discussion centres on Sentinel-specific examples, the insights presented are highly relevant for any organisation looking to enhance SIEM efficiency. Whether you're a security architect aiming to streamline detection or an MSSP customer focused on reducing data ingestion and operational costs, adopting a signal-driven logging strategy can yield substantial benefits. By being deliberate in what data is collected, organisations can lower overhead, sharpen threat detection, and ensure cost-effective log management.

Understanding Group Managed Service Accounts (gMSAs): Advantages Over Traditional Service Accounts

21-01-2025

Nearly all breaches in the last decade were preventable. While intrusions, defence evasions, and human error can occur, good cybersecurity practices can stop threat actors from progressing along the kill chain before achieving their goals. We've been sharing best practices through Tips & Tricks LinkedIn posts to help our followers build cyber-resilient networks. Our VP of Product, Cumhur Hatipoglu, has written a new blog diving deeper into Group Managed Service Accounts (gMSAs)—one of our recent Tips & Tricks topics. This Microsoft feature provides enhanced protection against attack techniques including credential theft, dumping, lateral movement, and privilege escalation. Your detection and response teams and service providers should focus on handling sophisticated attacks that bypass internal defences—not the preventable ones.

Managing Cyber Risk with CTEM and Beyond

17-12-2024

Cynode Ultima takes the complexity out of cyber threat management with its all-in-one security platform. Building on Gartner's CTEM framework, we've created a solution that brings together essential security tools - from threat intelligence and vulnerability prioritization to dark web monitoring and attack surface management - in one place. The article explores why organizations often struggle to implement security programs that meaningfully reveal their true risks and security gaps. We show how Ultima bridges this gap by providing an integrated approach that helps businesses understand and address their actual security exposures, making advanced threat management both accessible and actionable.

Investing in Dark Web Monitoring: A Practical Guide

18-11-2024

Should you invest in a Dark Web Monitoring service? The answer is not as straightforward as you might think—it really depends. Whilst Dark Web Monitoring is undoubtedly valuable, where does it rank in your list of priorities? For instance, if you have a limited budget, should you invest in Dark Web Monitoring or a Security Awareness Programme? The answers to such questions vary for each organisation, but there are some general principles that can guide your decision-making process.