Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

November 2022

Corelight

IoT/OT/ICS threats: Detecting vulnerable Boa web servers

Nov 30, 2022 By Corelight Labs Team In Corelight

On Nov. 22, 2022 Microsoft announced research findings about an ongoing supply chain attack against IoT devices running Boa web servers. The Boa web server, an open-source small-footprint web server suitable for embedded applications, was discontinued in 2005, but many software development kits still use this lightweight server on IoT hardware. Since being discontinued, vulnerabilities were discovered in Boa that make every version out there exploitable.

Read Post
datadog

Analyze security logs from Amazon Security Lake with Datadog

Nov 29, 2022 By Jordan Obey In Datadog

Amazon Security Lake allows customers to build security data lakes from integrated cloud and on-premises data sources as well as from their private applications. Directing your security telemetry into a unified data lake makes it easier to manage, analyze, and route security-log and event data to third-party SIEM solutions that leverage that telemetry.

Read Post

Trustwave Managed Detection & Response

Nov 11, 2022 By Trustwave In Trustwave
Don’t let complexity and cyber threats get in the way of moving your business forward. Trustwave Managed Detection and Response (MDR) is an industry-leading rapid threat detection and response service. We monitor, investigate, and respond to active threats to your business 24x7. Augment your team today with cyber experts for superior protection against the most sophisticated threats.
View Video
Corelight

Detecting 5 current APTs without heavy lifting

Nov 8, 2022 By Corelight Labs Team In Corelight

The Corelight Labs team prides itself on the ability to create novel Zeek and Suricata detection content that delves deep into packet streams by leveraging the full power of these tools. However this level of additional sophistication is not always required: sometimes there are straightforward approaches that only require queries over standard Zeek logs. It’s always valuable when developing detections to keep in mind that “sometimes simple does just fine.”

Read Post
Arctic Wolf

What Is Cloud Detection and Response and Why Do You Need It?

Nov 7, 2022 By Britt Serra In Arctic Wolf
Cloud adoption is vastly increasing. Right now, 9o% of businesses are using or plan to use a multi-cloud environment. While the cloud, which refers to internet-accessed servers that are not directly managed by the business, can help organizations scale in a cost-effective manner, they also create new cybersecurity risks.
Read Post
jumpsec

Avoiding a false sense of security

Nov 4, 2022 By Dan Green, Head of Enablement In JUMPSEC
Cyber threat detection and response is a well-established area of cyber security, with a multitude of product and service types and definitions. Yet rather than make it easier for organisations to identify what they need, this often contributes to industry noise and hype, creating a marketplace that can be challenging to navigate for buyers who are uncertain of what they need, or why they need it.
Read Post

Network Detection and Incident Response with Open Source Tools

Nov 2, 2022 By Corelight In Corelight
When conducting incident response, EDR and firewall technologies can only show you so much. The breadth of network traffic provides an unrivalled source of evidence and visibility. Open-source security technologies such as Zeek, Suricata, and Elastic can deliver powerful network detection and response capabilities, furthermore the global communities behind these tools can also serve as a force multiplier for security teams, often accelerating response times to zero-day exploits via community-driven intel sharing.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.