Incident Investigation

July 27, 2020

SECURITY

Getting more value from your endpoint security tool #5: Querying Tips for Vulnerability & Compliance

3 min read

Orbital Advanced Search has an entire category of queries dedicated to Posture Assessments to validate patch management, ensure endpoints comply with current policies, and more.

July 9, 2020

SECURITY

Getting more value from your endpoint security tool #4: Querying Tips for IT Operations

3 min read

Orbital Advanced Search has an entire category dedicated to Posture Assessments, which contains queries to check CPU data, network host connections, operating system information, installed programs, and more.

June 19, 2020

SECURITY

Getting more value from your endpoint security tool #3: Querying Tips for Incident Investigation

3 min read

Cisco Orbital Advanced Search has an entire category dedicated to Forensics, which contains queries to collect data such as installed programs on the host, types of failed login attempts, operating system attributes, and more.