Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Threat Detection

LimaCharlie Integrates with SnapAttack's Community Edition Powering Threat Detections

LimaCharlie is pleased to announce an integration with SnapAttack’s Community Edition, a new offering from SnapAttack that gives organizations access to open-source intelligence objects and behaviorally-oriented detections developed by SnapAttack’s threat research team and highly skilled community researchers together with popular community tools, such as Atomic Red Team and Sigma.

Zeek on Windows

As we shared at ZeekWeek 2022 in October, we’re thrilled to announce emerging support for Zeek on Windows, thanks to an open-source contribution from Microsoft. Part of its integration of Zeek into its Defender for Endpoint security platform, this contribution provides fully-native build support for Windows platforms and opens up a range of future technical possibilities in this vast ecosystem.

CrowdStrike Falcon Platform Achieves 100% Detection and Protection Against MacOS Malware with Zero False Positives in Latest MacOS AV-TEST

As organizations increasingly face malware attacks that target macOS, detecting and preventing attacks without disruption caused by false positives and false warning messages is increasingly important. That’s why we’re proud to share that the CrowdStrike Falcon® platform once again achieved 100% detection and prevention of macOS malware with ZERO false positives in the latest AV-TEST macOS evaluation.

IoT/OT/ICS threats: Detecting vulnerable Boa web servers

On Nov. 22, 2022 Microsoft announced research findings about an ongoing supply chain attack against IoT devices running Boa web servers. The Boa web server, an open-source small-footprint web server suitable for embedded applications, was discontinued in 2005, but many software development kits still use this lightweight server on IoT hardware. Since being discontinued, vulnerabilities were discovered in Boa that make every version out there exploitable.

Analyze security logs from Amazon Security Lake with Datadog

Amazon Security Lake allows customers to build security data lakes from integrated cloud and on-premises data sources as well as from their private applications. Directing your security telemetry into a unified data lake makes it easier to manage, analyze, and route security-log and event data to third-party SIEM solutions that leverage that telemetry.

Trustwave Managed Detection & Response

Don’t let complexity and cyber threats get in the way of moving your business forward. Trustwave Managed Detection and Response (MDR) is an industry-leading rapid threat detection and response service. We monitor, investigate, and respond to active threats to your business 24x7. Augment your team today with cyber experts for superior protection against the most sophisticated threats.

Detecting 5 current APTs without heavy lifting

The Corelight Labs team prides itself on the ability to create novel Zeek and Suricata detection content that delves deep into packet streams by leveraging the full power of these tools. However this level of additional sophistication is not always required: sometimes there are straightforward approaches that only require queries over standard Zeek logs. It’s always valuable when developing detections to keep in mind that “sometimes simple does just fine.”

What Is Cloud Detection and Response and Why Do You Need It?

Cloud adoption is vastly increasing. Right now, 9o% of businesses are using or plan to use a multi-cloud environment. While the cloud, which refers to internet-accessed servers that are not directly managed by the business, can help organizations scale in a cost-effective manner, they also create new cybersecurity risks.