Todyl Blog

SIEM provides crucial visibility for real-time, correlated threat detection, investigation, and response. Learn more about what it is and its benefits here.

Learn more about the different threat hunting methodologies with expert guidance on how to conduct successful threat hunts in the real world.

On February 3rd, 2023, Todyl's MXDR observed threat actors using OneNote to deploy Qbot. This blog explores what the attack chain looks like and the key takeaways for businesses.

Cyber threat hunting adds a crucial human element to a strong security program. Read more about the benefits and the tools businesses need to get started.

CISA, the NSA, and MS-ISAC released a joint advisory warning organizations that threat actors are using legitimate RMM tools to control victim machines after initial compromise. Get the key takeaways here.

This blog will review some of the most common types of worker impersonation and how companies can best protect themselves against these attacks.

On November 17, 2022 Todyl’s MXDR team observed new infections from a campaign that included the IcedID Trojan. This new activity targets users in the US with IRS notifications and file names.

In this blog, we cover the architecture of the new web proxy in Todyl's SASE Module and how it powers helps us deliver better security and a faster, more reliable experience.

In this blog, we provide a play-by-play of how Todyl's MXDR team and Endpoint Security (EDR + NGAV) performed during a recent penetration test.