Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Logsign

How to Initiate a Threat Hunting Program (Part 2)?

In the previous steps, analysts have gathered enough data to answer their hypothesis. Two types of situations can occur. Either the real threat is found or the vulnerability is detected. In both cases, analysts action is necessary. The analysts must respond immediately when a real threat is identified. However, if there is any vulnerability, they should also resolve this before it becomes a really big nightmare.

How to Initiate a Threat Hunting Program (Part 1)?

Over the past many years, cyber threats have become greater in frequency and more sophisticated than ever. Current security mechanisms are based on traditional reactive approaches such as antivirus programs and firewalls who react once the incident has occurred. Under such circumstances, intruders have a chance to compromise your network either partially or entirely.

Fortnite Security Flaw - 80 Million Accounts Exposed

With over 80 million players globally, Fortnite stands out as an undisputed champion when it comes to online gaming. Fortnite has been developed by Epic Games, an American game developer. However, it seems that the same cannot be said for Epic Games when it comes to security and protection of user data. Fortnite accounts for around 50% of Epic Games’ estimated value of $8.5 billion.

How to Prevent Data Breaches in 2019?

Cybersecurity is a continuous phenomenon. New countless threats emerge every day and cybersecurity analysts continually develop a fast, reliable, and sophisticated techniques to thwart these notorious threats in order to prevent financial loss and reputational damage. According to the Analysts, like the previous year (2018), 2019 will also witness the increase in data breaches.

French Data Protection Authority fines Google Euro50 million under the GDPR

France’s national data protection authority (CNIL — Commission Nationale de l’informatique et des Libertés) ordered its first sanction under the EU’s General Data Protection Regulation, or as commonly called as the GDPR. In this sanction, the CNIL fined Google a whopping €50 million because of Google’s failure to comply with the GDPR provisions when a user sets up his new Android phone and follows the subsequent process.

Questions to Consider When Choosing a SOAR Solution

Security Orchestration, Automation, and Response (SOAR) solution effectively deal with information security challenges and provide better defence against cyber threats. However, the organizations must be aware of important questions before deploying the SOAR solution. The following sections will take a deep dive to elaborate on these questions.

Security Orchestration Use Case: How to Automate Incident Severity Assignment?

Is your CSIRT team facing too many security alerts? Is your SOC has various security products that are jumbled together? Are you worried about setting the sensitivity of each product? How a severity level should be assigned to each imminent incident? These questions are hard to answer by today’s security professionals. However, security orchestration plays a crucial role in helping experts to address these questions.

Security Orchestration Use Case: How to Automate Threat Hunting?

Threat hunting is the practice of iteratively and proactively hunting for threats or Advanced Persistent Threats (APT) that are launched by adversaries. Unlike traditional security systems such as antivirus program, firewalls, or SIEM, who use a reactive approach to threats, threat hunting utilizes a proactive approach to pursuing threats even before they compromise organization’s network or IT infrastructure.

Security Orchestration Use Case: How to Automate Malware Analysis?

Malware Analysis is the process whereby security teams such as Incident Response Handlers perform a detailed analysis of a given malware sample and then determine its purpose, functionality, and potential impact. Conducting malware analysis manually is a cumbersome and time-consuming process as it involves a lot of security professionals, resources, and budget.