Threat Detection

Detecting account compromise with UEBA detection packages

The Elastic InfoSec Threat Detection team is responsible for building, tuning, and maintaining the security detections used to protect all Elastic® systems. Internally, we call ourselves Customer Zero and we strive to always use the newest versions of our products. This blog details how we are building packages of detection rules that work together to create a high fidelity alert for strange user behavior.

Google introduces real-time scanning on Android devices to fight malicious apps

It doesn't matter if you have a smartphone, a tablet, a laptop, or a desktop computer. Whatever your computing device of choice, you don't want it impacted by malware. And although many of us are familiar with the concept of protecting our PCs and laptops with security software that aims to identify attacks in real-time, it's not a defence that is as widely adopted on mobile devices.

Exploring the Cybersecurity Landscape: Insights from Shira Rubinoff and Gideon Hazam

In an ever-shifting digital world, cybersecurity remains at the forefront of protecting our digital assets. We're excited to bring you the latest conversation between two prominent figures in the cybersecurity realm—Shira Rubinoff and Gideon Hazam. This engaging discussion delves deep into the dynamic cybersecurity landscape, providing you with invaluable insights.

The Art of Team Building: Blueprints from the Black Hat NOC

It has been a distinct honor to be a part of the Corelight team that helped defend this year’s Black Hat events. I started the event season in the Network Operations Center (NOC) at Black Hat Asia, and then capped it off at Black Hat in Las Vegas. In this blog I’ll share my experience and learnings from participating in both NOCs.

Most Organizations Believe Malicious Use of AI is Close to Evading Detection

As organizations continue to believe the malicious use of artificial intelligence (AI) will outpace its defensive use, new data focused on the future of AI in cyber attacks and defenses should leave you very worried. It all started with the proposed misuse of ChatGPT to write better emails and has (currently) evolved into purpose-built generative AI tools to build malicious emails. Or worse, to create anything an attacker would need using a simple prompt.

Malware Detection & Top Techniques Today

Every day, an average of 450,000 new malware samples are designed to wreak havoc on businesses, governments, and average citizens. Aside from the financial implications of malware, the reputational damage for companies and the psychological impact on victims (especially with ransomware) are enough to scare anyone at the thought of dealing with a malware attack. But it's not all bad news! There is a proactive way of protecting your devices and your corner of cyberspace.

The State of Cyber Defense 2023: Detection and Response Maturity Model

The Kroll Detection and Response Maturity Model analyses 1,000+ security programs from organisations around the world to identify their actual maturity, the ROI of mature programs and what security leaders can do to elevate their detection and response capabilities. The report leverages data uncovered in our earlier report, The State of Cyber Defense 2023: The False-Positive of Trust, which looked at responses from 1,000 global security decision-makers.

Why are organizations failing to detect cybersecurity threats?

With the changing security landscape, the most daunting task for the CISO and CIO is to fight an ongoing battle against hackers and cybercriminals. Bad actors stay ahead of the defenders and are always looking to find new vulnerabilities and loopholes to exploit and enter the business network. Failing to address these threats promptly can have catastrophic consequences for the organization.