❌

Normal view

Received today β€” 10 July 2026 ⏭ Black Hills Information Security, Inc.

Finding the β€œGoldilocks” Zone: A Practical Approach to Alert Triage

We're all petrified about missing a critical event or misclassifying an alert, but when we're talking about incident response (IR), there are often hundreds if not thousands of alerts to parse through. It's easy to get caught up with one alert because it feels "too hot" or maybe not spend enough time looking into something that initially seems "too cold."

The post Finding the β€œGoldilocks” Zone: A Practical Approach to Alert Triage appeared first on Black Hills Information Security, Inc..

Received β€” 8 June 2026 ⏭ Black Hills Information Security, Inc.

Bad Habits: An ANTISOC Operation

ANTISOC uses a mix of techniques from traditional penetration tests like red teams, cloud, web applications, externals, internals, and, of course, social engineering. We combine this mix of techniques with a wide-open scope, with the goal of going beyond what a typical pentest can discover.

The post Bad Habits: An ANTISOC Operation appeared first on Black Hills Information Security, Inc..

Received β€” 21 May 2026 ⏭ Black Hills Information Security, Inc.

Same Problem, Different Angles: When Red Team and Blue Team Actually Talk to Each Other

There is a certain kind of conversation that doesn’t get written up in a post-mortem, doesn’t generate a ticket, and never makes it into an end-of-quarter report. It happens on the marginsβ€”at a conference, in a hallway, or, in this case, at 30,000 feet above sea level. It’s the conversation where two people who are solving the same problem from opposite ends of the table finally sit down next to each other.

The post Same Problem, Different Angles: When Red Team and Blue Team Actually Talk to Each Other appeared first on Black Hills Information Security, Inc..

Received β€” 19 May 2026 ⏭ Black Hills Information Security, Inc.

How to Identify and Exploit New Vulnerabilities

In the ever-evolving world of cybersecurity, staying ahead of the curve is not just a goalβ€”it’s a necessity. As new vulnerabilities emerge, the race to identify and mitigate them begins. But how do we, the guardians of the digital realm, rapidly pinpoint these threats as they become public? Let’s dive into the fascinating world of vulnerability identification and see how the magic happens.

The post How to Identify and Exploit New Vulnerabilities appeared first on Black Hills Information Security, Inc..

Received β€” 12 March 2026 ⏭ Black Hills Information Security, Inc.
Received β€” 5 February 2026 ⏭ Black Hills Information Security, Inc.

When the SOC Goes to Deadwood: A Night to RememberΒ 

By: BHIS
4 February 2026 at 15:00

Hear a tale about the time the BHIS SOC team conducted a 14-hour overnight incident response... from the Wild West Hackin' Fest conference in Deadwood, South Dakota.

The post When the SOC Goes to Deadwood: A Night to RememberΒ  appeared first on Black Hills Information Security, Inc..

Received β€” 11 January 2026 ⏭ Black Hills Information Security, Inc.

The Curious Case of theΒ Comburglar

By: BHIS
18 December 2025 at 18:55

By Troy Wojewoda During a recent Breach Assessment engagement, BHIS discovered a highly stealthy and persistent intrusion technique utilized by a threat actor to maintain Command-and-Control (C2) within the client’s […]

The post The Curious Case of theΒ Comburglar appeared first on Black Hills Information Security, Inc..

Inside the BHIS SOC: A Conversation with Hayden CovingtonΒ 

By: BHIS
3 December 2025 at 15:00

What happens when you ditch the tiered ticket queues and replace them withΒ collaboration, agility, and real-time response? In this interview, Hayden Covington takes us behind the scenes of the BHIS Security Operations Center, which isΒ where analystsΒ don’tΒ escalateΒ tickets,Β they solve them.

The post Inside the BHIS SOC: A Conversation with Hayden CovingtonΒ  appeared first on Black Hills Information Security, Inc..

Why Your Org Needs a Penetration Test Program

By: BHIS
10 March 2025 at 16:30

This webcast originally aired on February 27, 2025. Join us for a very special free one-hour Black Hills Information Security webcast with Corey Ham & Kelli Tarala on why your […]

The post Why Your Org Needs a Penetration Test Program appeared first on Black Hills Information Security, Inc..

GRC for Security Managers: From Checklists to Influence

By: BHIS
27 January 2025 at 17:00

This webcast was originally aired on January 16, 2025. In this video, Kelli K. Tarala and CJ Cox discuss the challenges and strategies for improving governance, risk, and compliance (GRC) […]

The post GRC for Security Managers: From Checklists to Influence appeared first on Black Hills Information Security, Inc..

Introduction to Zeek Log Analysis

By: BHIS
13 January 2025 at 17:00

In this video, Troy Wojewoda discusses the intricacies of Zeek log analysis, focusing on how this network security monitoring system can be used to understand traffic and analyze logs effectively.

The post Introduction to Zeek Log Analysis appeared first on Black Hills Information Security, Inc..

The Detection Engineering Process

By: BHIS
18 November 2024 at 17:00

This webcast was originally published on November 8, 2024. In this video, Hayden Covington discusses the detection engineering process and how to apply the scientific method to improve the quality […]

The post The Detection Engineering Process appeared first on Black Hills Information Security, Inc..

Cyber Risk Lessons We Can Learn From Hurricane Preparedness

By: BHIS
14 November 2024 at 16:00

Risk is real. To better understand cybersecurity risk, let’s compare cyber risks to risks in the natural world from hurricanes. We can learn lessons from hurricanes and unnamed storms in […]

The post Cyber Risk Lessons We Can Learn From Hurricane Preparedness appeared first on Black Hills Information Security, Inc..

Monitoring High Risk Azure LoginsΒ 

By: BHIS
12 September 2024 at 16:44

Recently in the SOC, we were notified by a partner that they had a potential business email compromise, or BEC. We commonly catch these by identifying suspicious email forwarding rules, […]

The post Monitoring High Risk Azure LoginsΒ  appeared first on Black Hills Information Security, Inc..

❌