Strand Intelligence Blog

Sign in Subscribe

Strand

What your SOC isn't telling you (but should)

There was a time when every incident was treated like a crime scene. A strange binary on a file server meant disk images, memory captures, and long nights stitching together logs until a story emerged. We didn’t just know what executed; we could tell you how it arrived, why

Sonicwall VPN? You have an emergency - tonight.

TLDR: SonicWall have, over the last 24 hours, taken the unusual step of recommending any organisation using their Generation 7 devices to provide SSL VPN access to corporate resources turn this functionality off. Not "patch it". Not "enforce MFA". Turn it off. There are a high

Know Your Adversary: Qilin

Qilin are the most active ransomware group in 2025. Following the disappearance of RansomHub, they are equipped with an army of affiliates targeting organisations globally. How to they gain initial access? What should incident responders look out for? Find out in this release of Know Your Adversary.

Know Your Adversary: SafePay

SafePay are a new, aggressive and prolific ransomware group. Whilst they are evolving quickly, all incidents observed by SafePay so far have followed a repeated playbook. Read our analysis of SafePay attacks, and how incident responders can investigate and remediate such incidents.

Know Your Adversary: Akira

Akira are one of the most well known ransomware groups. Whilst their tools, tactics and techniques have evolved over time, this article looks at their approach as of May 2025. What is their most common attack vector? How can incident responders detect and investigate the Akira threat?

Meet Strand. AI for Cyber Incident Response.

Strand redefines reactive security, using agentic AI to contain, investigate and report on critical cyber incidents. Fast, thorough and precise digital forensics & incident response for everyone.