Monday, September 28, 2020

Stories from the SOC – Cloud and On-site Protection

This blog was jointly authored by Josue Gomez.
Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers.
Executive Summary
One of the benefits of having your managed detection and response (MDR) service managed by AT&T Cybersecurity is visibility into threats across a large number of customers of all sizes and in different industries. This allows the team to take what they learn from one customer and apply it to another. Our security operations center (SOC) analysts were able to use an OTX alarm and an AWS correlation rule to discover open ports on public-facing servers for two different customers in 24 hours.
Investigation
Initial Alarm Review
Indicators of Compromise (IOCs)
In a 24-hour period the AT&T…

Posted by: Edwardo Rodriguez


The post Stories from the SOC – Cloud and On-site Protection appeared first on Cybersecurity Insiders.


September 28, 2020 at 09:10PM
