Dig into the Dark Web with Flare: Play CTF
Have you heard about Flare’s CTF: Capture the Threats? We created this game so players can further sharpen their skills in exploring the darker corners of the cyber world to stop malicious actors. The game includes four categories: credential leaks, illicit markets (dark web and social media), open web (GitHub, paste, and buckets), and IP/domain, […]
What Flare Has Been Cooking in 2022
We’ve been working on a lot this past year. Take a look at the spices, seasonings, and condiments in the kitchen to read about what we’ve been cooking up at Flare in 2022. Stay tuned to see what’s next for us in 2023! Click on each item on the board in the kitchen to read […]
Digital Risk Protection (DRP) Glossary
We are aware of the information overload and wealth of technical terms that may sometimes be confusing. To make it easier to understand industry terminology, we came up with some definitions of some of the most popular cybersecurity concepts. DRP In its 2020 report titled “Emerging Technologies: Critical Insights in Digital Risk Protection Services,” Gartner […]
Firework integration with Azure Sentinel: Leveraging new SOAR capabilities
For any modern cybersecurity team, gathering system logs in a centralized location is insufficient and only one step in the process. In order to keep up with the pace of incoming information, automation is crucial. Microsoft Azure is recognizing this with Sentinel’s recent development in offering a platform that not only aggregates and ingests logs […]
Noise Reduction and Prioritisation: One Size Does Not Fit All
One man’s trash is another man’s treasure, what one considers undesirable is likely specific to the listener. Or, at least, that is the unwritten rule in several situations, one of which seems to have so far been the threat landscape monitoring tools industry. The endless war against alert fatigue In the infosec community, talking about […]
How to Mitigate the Risks of Token Leaks
Access tokens are used in token-based authentication and allow users to access a website, an application or API. After verifying their identity, the user has no need to re-enter their credentials for the lifetime of the token, as the token serves as their entry ticket. When they are created, tokens are granted a defined scope […]
Why your team should be concerned about leaky buckets on the internet
Since its inception in March 2006, AWS cloud storage option, also referred to as S3 (Simple Storage Service), has generated keen interest due to its low maintenance and configuration, high availability and “pay as you go” accessible pricing. Microsoft jumped on the bandwagon by formally launching its own cloud services in 2010, maintaining ever since […]
Outsourcing Security to MSSP or MDR Services Could Bridge the Gap Between Talent and Budget
Is cybersecurity still going to be part of the conversation when the pandemic is over? If Covid-19 has taught us anything, it is to accept that, moving forward, cybersecurity will be a critical component of hybrid work environments. The pandemic has likely made security teams more aware of digital risks and of the importance of […]