• Solutions
    get-secured-now-icon
    ArmorText Suite

    Designed to protect your most critical roles and operations without compromising security or compliance.

    Schedule A Demo
    Products Menu Icon
    Products
    Services Menu Icon
    Services
    Competition Menu Icon
    Competition
  • Use Cases
    Use Cases Menu Icon
    Tier & Protect Strategy™

    Government and defense utilize distinct channels for secret and top secret comms. Your SOC, IR, and Theat communications deserve that same treatment. Deploying an Out of Band comms tool is easy as it runs alongside your day-to-day comms and is only used by a select group of critical roles in your org.

    Schedule A Demo
    Use Case Menu Icon
    Use Cases
    solutions-icon
    Business Case
  • Company
    armortext-footer-logo
    Who We Are
    When a crisis hits, there’s no room for error. You need a partner with proven information security knowledge and real-world problem-solving expertise. ArmorText is here for you.
    About Us
    Company Menu Icon
    Company
  • Resources
    resources-icon
    Resources to
    Keep You Secured
    Keeping your communications safe from the bad guys is an always-moving target. Check out these resources for the latest news, views, and tips on staying safe.
    Learn More
    Resources Menu Icon
    Resources
    Start Here Menu Icon
    Start Here
  • Get Secure Now
    download-icon
    Get Secure Now
    Don’t wait for a cyberattack to put a secure communications plan in place. Get in touch with us today to schedule a personalized ArmorText demo.
    Learn More
    laptop-icon
    Pricing & Downloads
Search
Schedule a Demo

Look Who's Talking About
Out of Band Communications

Speak to An Expert
CISA, Review Of The Attacks Associated with Lapsus$
Effective Incident Mitigation
"Highly effective organizations employed mechanisms such as out-of-band communications that allowed incident response professionals to coordinate response efforts without being monitored by the threat actors."
Read More
CISA, Review Of The Attacks Associated with Lapsus$
MIT Sloan Management Review, An Action Plan for Cyber Resilience
Continuity of Operations
"Typically, either email is no longer functional or, if it is, the adversary is reading emails and thereby staying steps ahead of the defense. Diverse and secure communication methods across various stakeholder groups — employees, suppliers, customers, shareholders, law enforcement, and regulators — are critical for the organization to be able to absorb the attack and continue business operations."
MIT Sloan Management Review, An Action Plan for Cyber Resilience
Microsoft, DEV-0537 Criminal Actor Targeting Organizations for Data Exfiltration and Destruction
Compromised Crisis Comms
“[Lapsus$] has been observed then joining the organization’s crisis communication calls and internal discussion boards (Slack, Teams, conference calls, and others) to understand the incident response workflow and their corresponding response.”

Accordingly, Microsoft went on to recommend that “organizations should develop an out-of-band communication plan for incident responders.”
Read More
Microsoft, DEV-0537 Criminal Actor Targeting Organizations for Data Exfiltration and Destruction
The Forrester Wave™: Secure Communications, Q3 2022
Industry Analysts
ArmorText excels at enabling out-of-band communications… [and] is a great fit for security operations, incident response communications and collaboration, as well as multi-organization threat intelligence sharing.”
Read More
The Forrester Wave™: Secure Communications, Q3 2022
Tyler Hudak, To OOB, or not to OOB?
Unavailable Comms
"If you cannot coordinate, collaborate, and inform actions and information about an incident, the incident response will eventually fail. Normally, this isn’t an issue, as organizations have resources like Microsoft 365 email, SharePoint, Slack, and Teams to use to communicate with each other. However, what happens when those technologies are unavailable? That is where OOB communications come in."
Read More
Tyler Hudak, To OOB, or not to OOB?
CISA, Review Of The Attacks Associated with Lapsus$
Resiliency
"In instances where the threat actors took over internal communications used by the response teams, organizations that had previously setup out-of-band communications were able to avoid having their activities monitored or interrupted."
Read More
CISA, Review Of The Attacks Associated with Lapsus$
InfoSec Twitter
Expert Dialogues
@briankrebs: LAPSUS$ didn't publicize all of its successful intrusions. E.g., it stole gobs of source from SASCAR, a vehicle/fleet tracking company owned by Michelin. The LAPSUS$ leader spent days on the company's incident response bridge, taunting IT pros as they tried to evict the group.

@CommieGIR: The fact that their incident team was not working out of band....You know they are in the network, you know your ops systems are likely compromised. Why would you use those?
InfoSec Twitter
CISA, Review Of The Attacks Associated with Lapsus$
Planning for Disruptions
"Develop an internal communication plan that includes how to contact personnel, how to proceed if they are unreachable, and backup, out-of-band communication mechanisms personnel can use if routine lines of communication are disrupted or if their integrity is compromised by the attackers."
Read More
CISA, Review Of The Attacks Associated with Lapsus$
InfoSec Twitter
Expert Dialogues
@NicoleBeckwith: Follow on to last tweet: What is something that you have seen included in an incident response plan that you really liked?

@dwmetz: Pre-established out of band communications plan, and off network digital copies of the critical playbook(s).
InfoSec Twitter
CISA, Review Of The Attacks Associated with Lapsus$
Operational Security
"Some organizations also made use of 'out-of-band communications'...an incident response procedure best established ahead of attacks, to improve response operations by prohibiting threat actors from observing incident response communications and activities or taunting response teams."
Read More
CISA, Review Of The Attacks Associated with Lapsus$
Microsoft, 6 Ways to Protect Your Organization Against LAPSUS$
Operational Security Processes for Response
"One hallmark tactic of DEV-0537 is to monitor and eavesdrop on incident response communications in the event of a cybersecurity breach... [companies should] develop an out-of-band communication plan for incident responders that can be used for multiple days while an investigation occurs, and ensure response plan documentation is closely guarded and not easily accessible."
Read More
Microsoft, 6 Ways to Protect Your Organization Against LAPSUS$
InfoSec Twitter
Rough Times
@vxunderground: Ragnar Locker ransomware group took screenshots of their targets Cybersecurity Incident Response meeting mid-breach.

(screenshot redacted)

@BushidoToken: Lesson 1. always secure comms channels at the beginning of an IR
InfoSec Twitter

ArmorText gives you confidence that your most sensitive information is secure.

Schedule a Demo
Contact Us
armortext-footer-logo

A Secure Out of Band Collaboration Platform for Critical Communications

Navigation

Download

Get In Touch

Schedule a Demo With Our Team Now

Copyright 2022 ArmorText | All Rights Reserved

Schedule a Demo
Search