
August 2024

Navigating the Future of SIEM Detections: Balancing Signature-Based and AI-Driven Approaches

In the early days of cybersecurity, implementing a Security Information and Event Management (SIEM) system was akin to constructing a house from scratch. The SIEM was a blank slate, and transforming raw data into actionable insights was a long and arduous journey. It began with the daunting task of ingesting data from various disparate sources and formats. From there, security teams had to craft detections — rules designed to identify malicious or suspicious activity.

FIN7 is Dead, Long Live FIN7 | Threat SnapShot

FIN7 is dead… right? In this week’s Threat SnapShot we break down a SentinelOne report on the group FIN7. We focus on detection strategies for their latest tools, covering three main tools: Powertrash (an obfuscated PowerShell script for payload loading), a batch script for persistence, and AU Kill (an antivirus neutralizer). For each tool, we explain its function and offer specific detection methods.

Turning Novel Threats into Detections Easily with SnapAttack

Our CTO, Fred Frey, met with Teddy Powers from Google Cloud Security at the Google Massachusetts Ave Office to discuss the topic: "Turning Novel Threats into Detections Easily with SnapAttack." Discover how SnapAttack can integrate with Mandiant's threat intelligence, security validation, and Google Chronicle to enhance detection and create actionable workflows for your organization.