Threat Detection

Celebrating CrowdStrike's New Network Detection Service "Powered by Corelight"

Jun 1, 2023 By Allen Marin In Corelight

Several months ago, we announced that our strategic alliance partner CrowdStrike decided to use our Open NDR technology across its professional services portfolio. This wasn’t just a meaningful validation for us—it was also a testament to the importance CrowdStrike places in arming its world-class Services teams with the technology that can best ensure the protection of its customers.

Read Post

Corelight

Read more about Celebrating CrowdStrike's New Network Detection Service "Powered by Corelight"

Microsoft threat detection and response: five key pitfalls (and how to address them)

May 30, 2023 By The Redscan Team In Redscan

Many will choose the Microsoft ecosystem and will need to become familiar with its native threat detection and response tools and understand how to extract maximum value from them. Kroll’s latest eBook, Microsoft Threat Detection and Response: Five Key Pitfalls (and How to Address Them) provides up-to-date insights to enable businesses to level up their cloud security.

Read Post

Redscan

Read more about Microsoft threat detection and response: five key pitfalls (and how to address them)

Threat hunting 101: Leveraging MITRE ATT&CK framework for extended threat detection

May 19, 2023 By General In ManageEngine

Threat detection and mitigation is one of the core responsibilities of a SOC. With cyberattacks becoming more sophisticated, it has become arduous for security analysts to secure their network from threats. Hybrid work and BYOD policies are making it more difficult for SOCs to keep track of network activities. Attackers continue to improvise new tactics and techniques to compromise an organization’s network.

Read Post

ManageEngine

Read more about Threat hunting 101: Leveraging MITRE ATT&CK framework for extended threat detection

Learn about Corelight and Zeek with AI

May 19, 2023 By Corelight In Corelight

Want to know how to get a commanding view of all devices that log onto your network? Let’s ask ChatGPT! Watch as Corelight's James Pope leverages his AI assistant to explain the power of Zeek®—the open-source technology behind Corelight’s network evidence—and the detailed logs of network activity it produces, including protocols such as HTTP, DNS, and SSL. In the video he also shares how Zeek®’s open standard easily integrates with Suricata, SecurityOnion, Molok, Elk, CrowdStrike EDR logs, and more.

View Video

Corelight

Read more about Learn about Corelight and Zeek with AI

Why Cyber Threat Detection and Response Is So Hard

May 15, 2023 By Justin Foster In Forescout

Breakthrough innovation arises primarily in response to two conditions. One, when new technology emerges that creates new demand by fulfilling needs customers didn’t know they had. Think smartphones. A generation ago, people didn’t know they needed to be tethered to a phone the size of their palm that was also a camera, a bank, an encyclopedia and a shopping mall. Two, when new challenges arise that require innovation to address them.

Read Post

Forescout

Read more about Why Cyber Threat Detection and Response Is So Hard

2023 SANS Report Digital Forensics

May 15, 2023 By Corelight In Corelight

Speakers: John Gamble (Corelight), Domenica Crognale, Heather Mahalik, David Smalley.

View Video

Corelight

Read more about 2023 SANS Report Digital Forensics

Leveraging the Dark Side: How CrowdStrike Boosts Machine Learning Efficacy Against Adversaries

May 9, 2023 By Denis Rozimovschii In CrowdStrike

The power of the CrowdStrike Falcon® platform lies in its ability to detect and protect customers from new and unknown threats by leveraging the power of the cloud and expertly built machine learning (ML) models. In real-world conditions and in independent third-party evaluations, Falcon’s on-sensor and cloud ML capabilities consistently achieve excellent results across Windows, Linux and macOS platforms.

Read Post

CrowdStrike

Read more about Leveraging the Dark Side: How CrowdStrike Boosts Machine Learning Efficacy Against Adversaries

Zenity Helps Microsoft Identify and Remediate Critical Security Risk in Power Automate Desktop

May 8, 2023 By Andrew Silberman In Zenity

About seven months ago at Defcon, Zenity CTO Michael Bargury presented security research that discovered and outlined a way to take over Microsoft Power Automate enabling bad actors to send ransomware to connected machines by using Power Automate as it was designed. By simply taking over an endpoint, our research showed that attackers can run their own payloads and execute malware by assigning machines to a new administrative account using a basic command line.

Read Post