Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Threat Detection

Entity Collection Overview

The current tempo in information security is getting increasingly faster. We continue to chase quicker detections and faster responses. But does that align with reality? Troves of data is being ingested at wire speed w/filtering, comparing, correlating, identifying, and other transform operations in the event lifecycle. This comes with an increased risk of missed events/alerts, indiscernible log activity from various origins, and the potential for analysis paralysis/desensitization/burnout…

How Intrusion Detection Systems (IDS) Work: One Part of Your Security Arsenal

All cyberattacks that violate the confidentiality, integrity and availability (CIA) of the network and data demonstrate some form of anomalous behavior. The starting point of this behavior may be an unauthorized intrusion into the network and, then, unauthorized use of the resources contained within the network. If you can identify an unauthorized network intrusion attempt, you can maintain the CIA of your data assets and network resources.

DLL Side-Loading: How to Combat Threat Actor Evasion Techniques

Threat actors constantly evolve their tactics and techniques to circumvent security solutions. Working at the cutting-edge of detection engineering, CrowdStrike rapidly tracks and observes these evolutions in tactics to deliver timely, effective detections that protect customers. In this blog, we explore DLL side-loading and learn how CrowdStrike has expanded protections with Advanced Memory Scanning.

From Noise to Signal: Enrichment and Routing with Corelight, Cribl, and Elastic

Monitoring network traffic is essential to SecOps. Security teams need to streamline network detection, data routing, and analysis for faster incident response. Corelight, Cribl, and Elastic combine to provide a unique solution that transforms the noise of network traffic into effectively routed, optimized data.

Corelight Investigator introduces new Machine Learning Models

Corelight Investigator furthers its commitment to delivering next-level analytics through the expansion of its machine learning models. Security teams are now enabled with additional supervised and deep learning models, including: We continue to provide complete transparency behind our evidence -- showing the logic behind our machine learning models and detections, allowing analysts to quickly and easily validate the alerts.

Nightfall Enables Advanced Secret Detection with Enhanced Machine Learning API Key Detector

Compromised secrets and credentials are the most common cause of data breaches and are often left unmanaged. In the past year alone, we’ve seen sustained growth in supply chain attacks and security incidents impacting the security of secrets stored in code repos or unknowingly shared within SaaS applications. Because of this, there is a compelling need for reliable, accurate, and actionable secrets detection for modern organizations.