
SOC Visibility Triad: R.I.P. or Rebirth?

The SOC Visibility Triad was defined by Dr. Anton Chuvakin at Gartner almost 10 years ago, when the cloud was in its early stages. As the shift to highly dynamic, multicloud environments became mainstream over the last few years, some have argued that the “Triad” should be put to rest, since it can no longer ensure the visibility needed to maintain effective security across these modern architectures.

Essential Cloud Security Tactics for Securing Complex Environments

In the rapidly expanding world of cloud computing, organizations are increasingly adopting multi-cloud and hybrid cloud strategies to leverage the benefits of flexibility, scalability, and cost-efficiency. However, these complex environments also introduce unique security challenges that must be addressed to protect sensitive data and maintain business continuity. This article explores the essential cloud security tactics that businesses can employ to secure their complex cloud environments effectively.

Corelight delivers static file analysis with YARA integration

Malicious files continue to be a significant threat to organizations; SonicWall reported more than six billion malware attacks in 2023. To help organizations prepare for and stay ahead of these threats, we’re introducing an integration with YARA that offers a deeper level of inspection for files across enterprise networks while helping security teams consolidate their toolset in the process.

Open NDR static file analysis powered by YARA

Enhance utility of evidence: Identify malicious files from network activity and derive the right context without increasing false positives.

Improve detection coverage: Analyze large volumes of files to detect threats that can be missed by EDR.

Drive tool consolidation: Consolidate tools and eliminate the need for file extraction, storage and custom scripts.

How YARA rules can complement NDR for malware detection

The Verizon 2024 Data Breach Investigations Report found that system intrusion is the leading attack pattern for the third consecutive year, accounting for 36% of breaches. System intrusion largely consists of a threat actor using hacking techniques and malware to infiltrate the victim organization. Following a successful intrusion, the attacker continues through a multi-stage process. The longer an attacker remains undetected, the greater their opportunity to find a target and extract data.

It's Typhoon Season: Attackers are deliberately evading EDR. What can you do about it?

Over the past year, several sophisticated cyber-espionage campaigns have grabbed the attention of our industry and challenged defenders and vendors alike with advanced tactics, techniques, and procedures (TTPs). One of the most visible campaigns is Volt Typhoon, named by the Microsoft threat intelligence team in May 2023 and attributed to Chinese state-sponsored threat actors.

Sweet Security Introduces Evolutionary Leap in Cloud Detection and Response, Releasing First Unified Detection & Response Platform

With Sweet, customers can now unify detection and response for applications, workloads, and cloud infrastructure.

Artificial Intelligence in Cybersecurity: Threat or Advantage?

In today's hyperconnected world, cybersecurity stands as the first line of defense against the growing tide of cyber threats. With billions of devices connected globally, protecting sensitive information has never been more critical, or more complex. Enter artificial intelligence (AI), a technological marvel capable of revolutionizing cybersecurity. But as with all powerful tools, AI is a double-edged sword. It holds incredible potential to bolster defenses, yet it can also amplify the capabilities of cybercriminals.

AI-Driven Cloud Detection Engineering: Turning Security Telemetry Into Action

Amal Mammadov is a cloud security practitioner and detection engineering specialist whose work sits at the intersection of threat intelligence, cloud-native architecture, and security operations. In this interview, he outlines why most organisations are losing ground despite heavy security investments and what it actually takes to build detection programmes that produce outcomes.