Threat Detection

How SOCs can level up their PCAP game with Smart PCAP (Part 2)

Jul 13, 2023 By Roger Cheeks In Corelight

In terms of unencrypted traffic, several highly used protocols lend themselves to logging and can significantly reduce the burden of packet capture without lowering the fidelity of information or the capabilities of analysts.

Read Post

Corelight

Read more about How SOCs can level up their PCAP game with Smart PCAP (Part 2)

Tutorial: Cyclops Blink Detection Tools

Jul 12, 2023 By WatchGuard In WatchGuard

In this video, you will learn how to use the three tools WatchGuard provides to help you diagnose if your Firebox is affected by Cyclops Blink.

View Video

WatchGuard

Read more about Tutorial: Cyclops Blink Detection Tools

Detection as Code: How To Embed Threat Detection into Code

Jul 11, 2023 By Muhammad Raza In Splunk

Like many concepts at the intersection of software engineering and cybersecurity, threat detection has emerged as a recent candidate to adopt the ‘as-code’ discipline to detection. This is driven by two key factors: Detection as Code is a new paradigm that brings a structured, systematic and flexible methodology for threat detection inspired by the as-code best practice of software engineering, commonly adopted in DevOps and Agile software development frameworks.

Read Post

Splunk

Read more about Detection as Code: How To Embed Threat Detection into Code

Threat Detection In 2023 Is Broken. Here's How to Fix It

Jun 28, 2023 By Laura In SenseOn

Why have cyber incidents topped the Allianz Risk Barometer for the last two years in a row? Growing attack surfaces are partly responsible. Remote work, cloud migration, IoT use and other trends give cyber threats more places to enter and hide within networks. But there is another cause – deficiencies in the standard approach to threat detection and response.

Read Post

SenseOn

Read more about Threat Detection In 2023 Is Broken. Here's How to Fix It

5 Steps to Combating Emerging Threats with Network Security

Jun 27, 2023 By Joe Thibault In Forescout

In today’s rapidly evolving threat landscape, cybercriminals have become more sophisticated than ever, making it crucial to stay abreast of the latest trends and tactics. The challenge is exacerbated by the expanding attack surface as more devices and device types connect to enterprise networks: IT, OT, IoT and IoMT devices, all with known vulnerabilities that can be exploited.

Read Post

Forescout

Read more about 5 Steps to Combating Emerging Threats with Network Security

Ransomware detections on endpoints increase by 627%

Jun 27, 2023 By Manu Santamaría Delgado In WatchGuard

Ransomware is still present and growing across the threat landscape, to the extent that some organizations now include the cost of a ransomware attack in their annual budgets. Data from our Internet Security Report - Q4 2022 reveals that ransomware detections on endpoints rose by an alarming 627% in 2022 compared to the previous year. While ransomware does not discriminate by industry type, the report clearly shows the manufacturing sector was the most affected during 2022.

Read Post

WatchGuard

Read more about Ransomware detections on endpoints increase by 627%

What are Advanced Persistent Threats (APT) and How to Prevent Them.

Jun 23, 2023 By UTMStack In UTMStack

Advanced persistent threats (APTs) and targeted attacks are a growing concern for organizations of all sizes. These types of cyber attacks are characterized by their high level of sophistication and the ability to evade traditional security measures. In order to defend against APTs, organizations need to adopt a multi-layered approach that includes implementing security information and event management (SIEM) systems.

View Video

UTMStack

Read more about What are Advanced Persistent Threats (APT) and How to Prevent Them.

Extending visibility through our new ICS/OT collection

Jun 21, 2023 By Vince Stoffer In Corelight

Increasingly, security teams are tasked with identifying, understanding, and managing risk around devices that may live outside the traditional IT umbrella. Operational Technology (OT) refers to computing systems that are used to manage and process operational functions as opposed to administrative operations, with Industrial Control Systems (ICS) being a major segment of that OT sector.

Read Post

Corelight

Read more about Extending visibility through our new ICS/OT collection

How to Use Algorithms to Identify Suspicious Activity in Real-Time

Jun 15, 2023 By SecuritySenses In SecuritySenses

The growth of fraudulent activity poses a significant threat to businesses in today's increasingly digital environment. The techniques fraudsters use are continuously evolving-making it difficult for traditional rule-based systems to stay up, as the estimated corporate revenue lost to fraud stands at $4.7 trillion globally every year. Employing increasingly advanced and dynamic fraud detection techniques have become essential. Machine learning is the most promising technology tool to combat financial fraud.

Read Post

SecuritySenses

Read more about How to Use Algorithms to Identify Suspicious Activity in Real-Time

5 Cyber Threat Prevention Strategies to Protect Your Growing Digital Footprint

Jun 13, 2023 By Rachel Holmes In BitSight

Every cybersecurity leader is looking for best practices to prevent cyber threats and cyberattacks. Chief among them is a relentless focus on cyber hygiene—the practice of maintaining the cyber health of your digital infrastructure. Good cyber hygiene significantly lowers the chance of cyber incidents. Indeed, a Bitsight study found that poor cyber hygiene, as determined by an organization’s security rating, increases the risk of a ransomware attack by 4.6 times.

Read Post