Threat Detection

Why MDR is Your Most Important Security Investment

The cybersecurity threat landscape is continuously evolving, with the frequency and impacts of threats like malware and ransomware increasing every year. Today, organizations of all sizes and in every industry sector must be proactively searching for emerging threats and actively monitoring risk to protect themselves – and respond quickly in the event that a threat is identified.

CrowdStrike Achieves 100% Prevention in Recent MITRE Engenuity ATT&CK Evaluation Emulating Russia-based Threat Groups

At CrowdStrike, we believe that rigorous, independent testing is a vital part of the security ecosystem. It provides customers with transparency and insight into the critical capabilities required to stop today’s sophisticated threats. That’s why I’m excited to share the results of Round 4 of the MITRE Engenuity ATT&CK Enterprise Evaluation: The CrowdStrike Falcon platform stops breaches with 100% prevention, comprehensive visibility and actionable alerts.

Detect malicious activity in Okta logs with Falco and Sysdig okta-analyzer

On March 22, the hacking group Lapsus$ published a Twitter post with a number of screenshots, taken from a computer in January this year, showing “superuser/admin” access to various systems at the authentication firm Okta. Okta is the #1 platform in the Identity-as-a-Service (IDaaS) category, which means that it manages access to internal and external systems with one login.

VPNs are increasingly common - how much can you see?

VPN tunnels are like shipping containers in that they are widely used (especially as the pandemic has moved more of the workforce to remote work), and they can be used to carry traffic for legitimate as well as malicious purposes. Establishing a tunnel between corporate offices, remote workers, or partners to transfer data is a legitimate and common use for VPNs.

SANS 2022 Cloud Security Survey

The state of cloud security is evolving. Many organizations are implementing new and more advanced cloud security services that offer cloud-focused controls and capabilities, including services and tools that provide network connectivity and security for end users and office locations, security monitoring and policy controls, and identity services, among others.

[Webcast] Defending against nation-state actors

With the threat of Russian cyberattacks on the rise, it’s essential for defenders of critical infrastructure to pressure test their cyber defense capabilities. In this webcast, Corelight's Alex Kirk reviews the specific techniques, tactics, and procedures that defenders should monitor in order to identify and disrupt attacks in their environment. Alex has a long and storied career as a cybersecurity professional, including a recent volunteer engagement training Ukrainian cyberdefenders this past fall.

6 Steps to Defend Against Advanced Persistent Threats

The cybersecurity community uses the term Advanced Persistent Threats to refer to threats that have extremely long persistence on a particular target—often lurking inside a target system for years. Their targets can include government agencies (at all levels), including contractors and suppliers far down the supply chain. Due to their passive nature, you may not even realize that your organization is a target for an APT. In fact, your infrastructure may already be infiltrated.

LimaCharlie partners with SOC Prime to deliver continuous content streaming of detections

The cybersecurity landscape is shifting because it has to. The breadth of challenges facing defenders is vast and we are constantly reminded about how unpredictable security can be with zero-days such as the recent Log4Shell vulnerability. New tools and a community-based approach offer a way forward in the face of overwhelming complexity.

46 days vs. 16 minutes: Detecting emerging threats and reducing dwell time with machine learning

Machine learning (ML) detections are a powerful tool for detecting emerging threats when we don’t yet know what we’re looking for. The power of anomaly detection is the ability to detect and provide early warning on new threat activity for which rules, indicators, or signatures are not yet available.