Threat Detection

Honeypot Recon: Global Database Threat Landscape

Jun 13, 2023 By Radoslaw Zdonczyk In Trustwave

In today's digital era, the importance of securing databases cannot be overstated. As more and more global businesses and organizations rely on DBMS systems to store tons of sensitive information, the risk of targeted attacks and data breaches continues to increase. Therefore, the importance of monitoring and uncovering new actors along with their - often unique - attack techniques and methods is crucial.

Read Post

Trustwave

Read more about Honeypot Recon: Global Database Threat Landscape

Lessons Learned Deploying Corelight in the Black Hat Asia NOC

Jun 12, 2023 By Dustin Lee In Corelight

Last month, Corelight had the distinct privilege of joining Cisco, NetWitness, Palo Alto Networks, Arista, and our internet service provider, MyRepublic, to provide availability and network security overwatch to the Black Hat Asia network in Singapore. This marked our first appearance in the Black Hat Network Operations Center (NOC).

Read Post

Corelight

Read more about Lessons Learned Deploying Corelight in the Black Hat Asia NOC

Elastic's detection rules are still open for business - plus further visibility to data quality

Jun 12, 2023 By Dhrumil Patel, In Elastic

Given the increasing frequency, tempo, and sophistication of cyber attacks, it's more important than ever that organizations take a proactive approach to protecting their sensitive data and assets. One of the most critical elements of effective cybersecurity is openness. An open approach to cybersecurity means being transparent, sharing knowledge, and collaborating to build more robust defenses against threats.

Read Post

Elastic

Read more about Elastic's detection rules are still open for business - plus further visibility to data quality

Look both ways: Preventing suspicious behavior with end-to-end detections

Jun 7, 2023 By Nigel Douglas In Sysdig

In the rapidly evolving digital landscape, malicious actors constantly adapt their strategies to infiltrate our systems. Traditional endpoint detection mechanisms are no longer sufficient to protect our applications and workloads against advanced threats. To effectively address this concern, it has become imperative to embrace a broader approach to threat detection. This entails a paradigm shift towards incorporating both agent-based and agentless detection methods.

Read Post

Sysdig

Read more about Look both ways: Preventing suspicious behavior with end-to-end detections

Sysdig Enriched Process Trees, an Innovative Approach to Threat Detection

Jun 7, 2023 By Víctor Jiménez Cerrada In Sysdig

Discover how Sysdig Secure’s new Process Tree feature improves threat investigation. Imagine you’re investigating a security related detection, the investigation was triggered by the execution of stat/etc/shadow in one of your containers. Is this a sign of a legitimate activity, such as a developer debugging an app, or a sign that your container has been compromised? It depends on the context.

Read Post

Sysdig

Read more about Sysdig Enriched Process Trees, an Innovative Approach to Threat Detection

Stop Cloud Breaches in Real Time and Accelerate Investigation and Response with Sysdig CDR

Jun 7, 2023 By Matt Kim In Sysdig

Is your organization grappling with the relentless pace of ever-changing threats in the cloud? Are you spending hours investigating security events without identifying the root cause of the problem?

Read Post

Sysdig

Read more about Stop Cloud Breaches in Real Time and Accelerate Investigation and Response with Sysdig CDR

3 Reasons to Leverage AI for Enhanced Threat and Vulnerability Management

Jun 7, 2023 By Natalie Tischler In Veracode

As the cyber threat landscape continues to evolve, you know there’s a growing need to ensure applications and software are protected from malicious actors. A holistic and intelligent approach to threat and vulnerability management is essential for ensuring security against modern cyber risk. By leveraging AI-powered tools, especially for tasks like remediating security flaws, you can manage and reduce risk quickly and effectively.

Read Post

Veracode

Read more about 3 Reasons to Leverage AI for Enhanced Threat and Vulnerability Management

Sysdig Enriched Process Trees, an Innovative Approach to Threat Detection

Jun 7, 2023 By Sysdig In Sysdig

Discover how Sysdig Secure’s new Process Tree feature improves threat investigation. In order to speed up the investigation of security events, Sysdig Secure now includes a process tree showing the attack journey from user to process, including process lineage, container and host information, malicious user details, and impact. In Linux systems, a process tree refers to the hierarchical representation of running processes on a system. It depicts the parent-child relationship between processes all the way to the root.

View Video

Sysdig

Read more about Sysdig Enriched Process Trees, an Innovative Approach to Threat Detection

I have Trust Issues and So Does My CISO How NDR can help identify issues in your ZTA

Jun 2, 2023 By Corelight In Corelight

Speakers: Matt Bromiley (SANS), Tim Nolen, Sr. Sales Engineer (Corelight), Jean Schaffer, Federal CTO (Corelight)

View Video

Corelight

Read more about I have Trust Issues and So Does My CISO How NDR can help identify issues in your ZTA

Celebrating CrowdStrike's New Network Detection Service "Powered by Corelight"

Jun 1, 2023 By Allen Marin In Corelight

Several months ago, we announced that our strategic alliance partner CrowdStrike decided to use our Open NDR technology across its professional services portfolio. This wasn’t just a meaningful validation for us—it was also a testament to the importance CrowdStrike places in arming its world-class Services teams with the technology that can best ensure the protection of its customers.

Read Post