Go defensive
Blue teaming

As the SOC team, it’s your responsibility to protect your business’ and clients’ most critical assets. Unfortunately, advanced threat actors are becoming ever more elusive in this rapidly changing digital landscape, and catching them requires cutting-edge detections (use-cases). Let us help you stay one step ahead of potential cyber threats by boosting your threat detection capabilities!
Building, maintaining and tuning these advanced use-cases takes time, skills and insight into the latest attack vectors. Creating these new detections is often the responsibility of already overburdened engineers who are busy following up on events or doing incident response. This status quo makes you less flexible in focusing on business priorities and may put additional stress on your workforce.
FalconForce consists of a team of security veterans with a mix of deep offensive and defensive skills. We have performed numerous red team exercises, spent years in hunting or incident response, and scripted our way through so many technology stacks we lost count. In the past years we have been using our skills to create a repository of advanced use-cases. We are ready to support you in your mission to secure your business!
We believe modern threat detection is an interplay between your team, an advanced SIEM/SOAR, automation and specialist external input. FalconForce can support you in a number of these important threat detection topics.

Advanced Detection Content Services
We offer a way to save your team valuable time by providing advanced detection content for the Microsoft Defender and Microsoft Sentinel platforms. The content is custom-made for you or taken from our repository of existing use-cases, and is based on our constant research into adversarial techniques, our offensive and defensive engagements, and collaboration with our clients. FalconForce supports you in implementing and tuning the use-cases to your environment. This will enable your team to focus on what really matters: keeping your business secure.
We offer our detection content to both MSSPs and in-house (hybrid) SOCs in the following ways:
- Booster package: a selection of use-cases from our current repository, ready to be deployed and tuned.
- Subscription: we provide you with new detections on a monthly basis, custom-developed for you or taken from our existing repository.
Blue consultancy
Looking for expertise to enhance specific parts of your threat detection stack? FalconForce can help! We have expertise in setting up automated deployment pipelines, automating enrichment, custom detection development, BloodHound and testing your detections. Please get in touch so we can discuss what you are looking for and where we can help!
Blue teaming experience

“Great advanced detection content!”
Simon - Information Security & Risk Management @ Athora
“FalconForce’s advanced detection content has greatly boosted our detective capability in both breadth and depth. The steady stream of new, tuned and well-documented detections and discussions with FalconForce’s experts really enhance the efficiency of our team.”
Blue teaming knowledge
BloodHound — Calculating AD metrics 0x02
BloodHound — Calculating AD metrics 0x01
What does blue teaming bring you?

We protect your business

Reduce operational costs
Hiring new experts or developing expertise in-house is challenging, and ROI will take time. You can reduce those efforts by collaborating with FalconForce. Moreover, our content enables automation of deployment, and your team can chase mostly true positives.

Grow coverage faster and learn

Olaf speaking
Defensive specialist @ FalconForce & Microsoft MVP
“Constantly researching threat actor behavior, building and testing advanced detections takes a lot of knowledge, skills and time. Based on FalconForce’s offensive and defensive teams we have built and are continuously improving a repository of advanced use-cases for MDE and Sentinel. Moreover, we added various smart automations for deployment and documentation to help our clients focus on what really matters.”
Our other services

Purple teaming

Red teaming
Want to test your cyber threat detection and response with an extensive, realistic adversarial simulation or complete TIBER exercise? Our red teaming experts are ready to put your defenses to the test.
Together. Secure. Today.
Get in touch with one of our professionals

FalconForce realizes ambitions by working closely with its customers in a methodical manner, improving their security in the digital domain.
Energieweg 3
3542 DZ Utrecht
The Netherlands
(+31) 85 044 93 34
KVK 76682307
BTW NL860745314B01