Threat Detection

I have trust issues and so does my CISO

Jul 27, 2023 By Tim Nolen In Corelight

Trust is hard to earn but necessary for any successful relationship. As organizations build the systems to support Zero Trust, they find themselves balancing security and functionality across their operations. Incident Response and Network Operations in particular can be full of traumatic experiences, and as we sink into those moments the typical responses are freeze, flight, or fight.

Read Post

Corelight

Read more about I have trust issues and so does my CISO

Turning Hunts Into Detections with PEAK

Jul 26, 2023 By David Bianco In Splunk

If you’ve been following our series on the PEAK threat hunting framework, you might already know that the purpose of threat hunting isn’t just to find security incidents your automated detection systems missed. Finding incidents is more like a helpful side effect. The real reason to hunt is to drive improvement to your security posture over time.

Read Post

Splunk

Read more about Turning Hunts Into Detections with PEAK

Corelight CEO, Brian Dye talks to NYSE's Trinity Chavez on 'The Cyber Series'

Jul 25, 2023 By Corelight In Corelight

What is network detection and response, how is it fundamental to #cybersecurity, and why should #investors and #security leaders be investing in the #NDR space? Watch as Corelight CEO Brian Dye shares the answers to these questions and more in a new interview with NYSE.

View Video

Corelight

Read more about Corelight CEO, Brian Dye talks to NYSE's Trinity Chavez on 'The Cyber Series'

Stopping Threat Actors from Gaining Initial Access

Jul 20, 2023 By Trustwave In Trustwave

The recent Trustwave SpiderLabs report, Cybersecurity in the Healthcare Industry: Actionable Intelligence for an Active Threat Landscape, offers a detailed look at the typical attack flow used in a variety of cyberattacks. The attack flow discussed in the report focused on what a healthcare organization might face, but for the most part, attack flows stay the same regardless of the vertical being attacked.

Read Post

Trustwave

Read more about Stopping Threat Actors from Gaining Initial Access

Graylog Acquires Resurface.io's API Security Solution

Jul 19, 2023 By Graylog In Graylog

Strengthens Threat Detection and Incident Response Portfolio to address Growing API Threats.

Read Post

Graylog

Read more about Graylog Acquires Resurface.io's API Security Solution

Outpost24 CORE delivers complete visibility of technology assets and threat exposure, with business-level mitigation guidance

Jul 19, 2023 By Outpost 24 In Outpost 24

Leading cyber risk platform provider Outpost24 announces release of Outpost24 CORE, a ground-breaking unified exposure management solution that gives unprecedented visibility and real-time insights into an organization's IT asset inventory and their threat exposure across the entire attack surface.

Read Post

Outpost 24

Read more about Outpost24 CORE delivers complete visibility of technology assets and threat exposure, with business-level mitigation guidance

MDR vs. EDR: Which Solution is Right for Your Organization?

Jul 18, 2023 By Arctic Wolf In Arctic Wolf

The rise of remote work and the move to the cloud, as well as the rising rate and increased complexity of cyber attacks, have fundamentally changed the security landscape. Set-it-and-forget it tools are no longer enough. To truly protect yourself from modern cyber threats you need 24×7 monitoring, detection and response. However, even that doesn’t look the same anymore.

Read Post

Arctic Wolf

Read more about MDR vs. EDR: Which Solution is Right for Your Organization?

How SOCs can level up their PCAP game with Smart PCAP (Part 2)

Jul 13, 2023 By Roger Cheeks In Corelight

In terms of unencrypted traffic, several highly used protocols lend themselves to logging and can significantly reduce the burden of packet capture without lowering the fidelity of information or the capabilities of analysts.

Read Post

Corelight

Read more about How SOCs can level up their PCAP game with Smart PCAP (Part 2)

Tutorial: Cyclops Blink Detection Tools

Jul 12, 2023 By WatchGuard In WatchGuard

In this video, you will learn how to use the three tools WatchGuard provides to help you diagnose if your Firebox is affected by Cyclops Blink.

View Video

WatchGuard

Read more about Tutorial: Cyclops Blink Detection Tools

Detection as Code: How To Embed Threat Detection into Code

Jul 11, 2023 By Muhammad Raza In Splunk

Like many concepts at the intersection of software engineering and cybersecurity, threat detection has emerged as a recent candidate to adopt the ‘as-code’ discipline to detection. This is driven by two key factors: Detection as Code is a new paradigm that brings a structured, systematic and flexible methodology for threat detection inspired by the as-code best practice of software engineering, commonly adopted in DevOps and Agile software development frameworks.

Read Post