Security Operations Center (SOC)


Mar 2018

File Storage and Sync Services Data Security

By Brian Lowe

This is part one of a three-part series giving insight into observations from our 24/7 security operations center. The Observation… As technology moves forward to create capabilities and increase convenience, the focus on security can be lacking, or in some cases completely missing or ignored. In Sword & Shield Enterprise Security’s Managed Security Services operations, we often find this is true of...



Dec 2016

SOC Warning: Stealthy Stegoloader Can Evade Analysis Tools

By Lee Tibbals and Brian Lowe

An interesting relic from the past came to visit recently in the form of a threat called steganography. Steganography is a well-known and ancient practice of concealing a file or message inside another file or message. The first recorded uses of steganography are accepted to have been around 440 BC in ancient Greece, where a message was...



Mar 2016

Sword & Shield’s MSSP Deploys Samsam Ransomware Protections

Although it has been around for a few months, Samsam is the newest surging ransomware campaign, and it targets the healthcare industry. SamSam infects machines differently than traditional ransomware such as CryptoLocker. It does not spread by spam or phishing emails; instead, it actively scans the network for vulnerable servers running unpatched software. Unlike other ransomware campaigns, there is no need for any user action...



May 2015

Sword & Shield’s SOC is Monitoring New FREAK Vulnerability

As new details continue to emerge about the latest FREAK-related vulnerability, Sword & Shield’s Security Operations Center (SOC) is keeping a close eye on its customers’ networks. The latest, entitled “LogJam,” is a man-in-the-middle attack. Given the right circumstances, it can provide an attacker the ability to read encrypted data. Although it is not a simple task, it is possible. The SOC has already seen...
