Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

November 2023

kroll

MDR vs MSSP vs SIEM: The Evolving Threat Detection Landscape

Nov 29, 2023 By Kroll In Kroll

Effective threat detection is critical to achieving a mature cybersecurity posture. Yet with so many threat detection options on the market, from managed detection and response (MDR) to managed security service providers (MSSPs) to security information and event management (SIEM), choosing the most effective one for your organization can be challenging.

Read Post
Corelight

Inside the Mind of a Cybersecurity Threat Hunter Part 1: Confronting Initial Access Techniques

Nov 27, 2023 By Corelight In Corelight

At Corelight, we’re always striving to make the life of threat hunters and security analysts a little easier. It’s the reason we developed our Open NDR Platform that provides comprehensive, correlated network data and forensic evidence about everything happening on the network. If you’re familiar with Corelight, you probably already know that.

Read Post

How Corelight's ServiceNow integration speeds response

Nov 17, 2023 By Corelight In Corelight
See how the integration between Corelight's Open NDR platform and ServiceNow allows analysts to send specified detections to ServiceNow, enabling efficient case management for in-depth analysis. Send selected detections with contextual information to ServiceNow with a few clicks, and easily jump from ServiceNow to view detection-related details in Corelight, resulting in faster time to case resolution/MTTR.
View Video
Corelight

How Corelight Uses AI to Empower SOC Teams

Nov 15, 2023 By Vince Stoffer In Corelight

The explosion of interest in artificial intelligence (AI) and specifically large language models (LLMs) has recently taken the world by storm. The duality of the power and risks that this technology holds is especially pertinent to cybersecurity. On one hand the capabilities of LLMs for summarization, synthesis, and creation (or co-creation) of language and content is mind-blowing.

Read Post
Forescout

CVE-2023-3595: Rockwell Automation ControlLogix Vulnerability Analysis Fuels Better Risk Assessment and Threat Detection

Nov 9, 2023 By Jos Wetzels In Forescout
On July 14, CISA published an industrial control system (ICS) advisory about two new critical vulnerabilities affecting Rockwell Automation ControlLogix communication modules: CVE-2023-3595 and CVE-2023-3596. CISA and Rockwell Automation recommended that asset owners patch vulnerable devices and add controls such as segmenting networks and using network intrusion detection.
Read Post
elastic

Detecting account compromise with UEBA detection packages

Nov 8, 2023 By Aaron Jewitt In Elastic
The Elastic InfoSec Threat Detection team is responsible for building, tuning, and maintaining the security detections used to protect all Elastic® systems. Internally, we call ourselves Customer Zero and we strive to always use the newest versions of our products. This blog details how we are building packages of detection rules that work together to create a high fidelity alert for strange user behavior.
Read Post
tripwire

Google introduces real-time scanning on Android devices to fight malicious apps

Nov 7, 2023 By Graham Cluley In Tripwire

It doesn't matter if you have a smartphone, a tablet, a laptop, or a desktop computer. Whatever your computing device of choice, you don't want it impacted by malware. And although many of us are familiar with the concept of protecting our PCs and laptops with security software that aims to identify attacks in real-time, it's not a defence that is as widely adopted on mobile devices.

Read Post

Exploring the Cybersecurity Landscape: Insights from Shira Rubinoff and Gideon Hazam

Nov 6, 2023 By Memcyco In Memcyco
In an ever-shifting digital world, cybersecurity remains at the forefront of protecting our digital assets. We're excited to bring you the latest conversation between two prominent figures in the cybersecurity realm—Shira Rubinoff and Gideon Hazam. This engaging discussion delves deep into the dynamic cybersecurity landscape, providing you with invaluable insights.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.