
August 2022

SANS 2022 Report Moving to a State of Zero Trust

In this webcast, SANS certified instructor Matt Bromiley will explore the concept of zero trust and what it means to security teams and your overall security posture. As a concept, zero trust is relatively straightforward: Trust no one until verified, inside or outside the network. However, this is often easier said than done, especially for systems built on legacy authentication models. Matt will also examine what a zero trust implementation looks like, how this can stop adversaries dead in their tracks, and what your organization can do to begin moving toward a state of zero trust.

How to Benchmark Your Threat Hunting Readiness and Prepare for the Next Step

Many organizations want to start threat hunting but struggle with knowing where to begin, how to measure success, and how to scale an effective program. This presentation draws on the experience of elite hunters and teams around the world and will discuss an actionable threat hunting maturity model and help you prepare for each step of the journey with specific guidance, concrete examples, and sample threat hunts.

Network Forensics & Incident Response with Open Source Tools

Open source security technologies such as Zeek, Suricata, and Elastic can deliver powerful network detection and response capabilities, and the global communities behind these tools can also serve as a force multiplier for security teams, such as accelerating their response times to zero-day exploits via community-driven detection engineering and intel sharing. This presentation will review popular open source technologies used in network DFIR and cover use cases, integrations, and open source design patterns.

MAC Spoofing Detection with Forescout

Learn how to tackle a common problem known as “MAC Spoofing” faced by many security teams looking to control access to the network. In this video you will gain an understanding of what MAC Spoofing is, why it's a problem, and how Forescout is uniquely positioned to help detect it. You will be able to differentiate between the two primary MAC Spoofing scenarios and the strategies used for detection, and learn how to configure Forescout to detect both scenarios and test successfully.

Trustwave Security Colony Noted as a Differentiator in Managed Detection and Response Market According to IDC Link Report

Trustwave’s new MDR offerings garnered recognition from IDC as differentiated due to the inclusion of Security Colony as part of the offering. Security Colony, now bundled in with Trustwave MDR offerings, is a Resource Library of 400+ documents derived directly from real-life consulting engagements with clients. The project deliverables have been anonymized and made available to clients.

JUMPSEC Summer Industry Briefing Benchmarking EDR/MDR solutions

Benchmarking EDR/MDR Solutions, presented by Tom Ellson, Head of Offensive Security. We recently completed a review of a number of industry-recognised EDR and MDR solutions. This led us to take a novel approach that addresses many of the limitations and constraints typically met when undertaking this type of assessment. You will learn why context is key to threat detection, and how the different vendors performed in our realistic and representative environment against goal-focused attack paths.

JUMPSEC Summer Industry Briefing UK Threat Landscape Trends

UK Threat Landscape Trends, presented by John Fitzpatrick, CTO. John Fitzpatrick reflects on the last six months, examining the key threats and trends we have observed affecting UK institutions. Specifically, we will delve into ransomware threat evolution, presenting and discussing. This will build upon our predictions made at the last briefing, reviewing how the landscape has changed, how our predictions fared, and how it has been influenced by major cyber security events and developments.

AV-TEST Results Show Netskope Threat Protection Efficacy

We measure and test things that are important in our lives, from credit scores to blood pressure. For cybersecurity, testing threat protection defenses is an expected benchmark. Netskope recently completed a set of anti-malware tests with AV-TEST, an independent anti-malware testing lab based in Germany with one of the world’s largest databases of malware samples. Every second, AV-TEST discovers four to five new malware variants.

Detecting CVE-2022-30216: Windows Server Service Tampering

In July 2022, Microsoft disclosed a vulnerability in the Windows Server Service that allows an authenticated user to remotely invoke a local API call on a domain controller, which triggers an NTLM request. This results in a leak of credentials that allows an attacker to authenticate to Active Directory Certificate Services (ADCS) and to generate a client certificate that enables remote code execution on a domain controller.

Improving CrowdStrike Falcon Detection Content with the Gap Analysis Team

CrowdStrike is always looking for innovative ways to improve detection content for our customers. We believe a multifaceted approach that combines customer input, standardized testing and internal research is necessary to stop breaches today and in the future. At CrowdStrike, we never rest, because neither does the adversary.

How to Make Progress on the Zero Trust Road Map

It's been a year since President Biden's executive order that called out zero trust as a primary focus. Corelight's Richard "Chit" Chitamitre discusses the prevalent misunderstandings about zero trust, as well as use cases for how to embrace the framework and make measurable progress along the way. In this video interview, in partnership with Information Security Media Group, you will learn.

Raspberry Pi Sensors for Home Networks

Is your IoT dryer transferring 1GB+ of traffic daily? Does your Tesla phone home to the mothership? Is your employer monitoring you at home? Learn a quick, easy, free method for using a Raspberry Pi to gain visibility into your home network. We'll teach you to find out what your smart (and not-so-smart) devices are doing using Zeek® logs and Suricata alerts, two flagship open-source technologies, with skills transferable to your day job and enterprise environments.

Trustwave Named Innovation Leader in Frost & Sullivan's Frost Radar Global Managed Detection and Response Market

Frost & Sullivan analysts investigated 70 market participants and recognized Trustwave as one of 15 Innovators in the field. The report noted that Trustwave’s Fusion platform, which allows clients to manage and view their cybersecurity status, and its elite SpiderLabs team are driving factors behind the honor. “Trustwave Fusion, a security operations platform that integrates and enriches data from over 750 third-party sources, including cloud, network, endpoints, and email.

Integrating Open NDR To Automate Alert Response Via Better Network Evidence

Are you interested in context for your cloud or container environment when you investigate an event from last week, last month, or last year? Would it save you time to have IDS alerts that include the full context of the connection? Watch this SANSFIRE 2022 webcast to see James Schweitzer demonstrate easy-to-understand, interlinked network evidence, available wherever you need it, which also enables orchestration.