Threat Detection

XDR marketing is fueling the cybersecurity problem for businesses

Nov 1, 2021 By Ian McShane, Field CTO In Arctic Wolf

If there is one positive we can take from the last sixteen months, it is businesses embracing a more flexible working culture for their employees. Fundamental changes to the traditional nine-to-five working day means that many companies, in part, have already successfully transformed some of their operations to meet the demands of a new hybrid working world that is now very much the norm.

Read Post

Arctic Wolf

Read more about XDR marketing is fueling the cybersecurity problem for businesses

OT Security: Risks, Challenges and Securing your Environment

Oct 31, 2021 By Tripwire Guest Authors In Tripwire

Before the revolution of Information Technology (IT), the world experienced the revolution of Operational Technology (OT). Operational Technology is the combination of hardware and software that controls and operates the physical mechanisms of industry. OT systems play an important role in the water, manufacturing, power, and distribution systems that transformed industry into the modern age. All of these systems function to operate, automate, and manage industrial machines.

Read Post

Tripwire

Read more about OT Security: Risks, Challenges and Securing your Environment

The Callback is Coming From Inside the House

Oct 29, 2021 By Corelight In Corelight

This bone-chilling webinar will cover: A spine-tingling hands-on-keyboard scenario of a motivated and capable insider threat working with the ghoulish adversary. Use of realistic and terrifying exploits and offensive security tools to simulate adversary TTPs, and how organizations are able to hunt for them. A practical threat hunting session demonstrating true behavioral hunting that walks participants through not only how the attack was carried out, but also how they can hunt for this insidious behavior in their own environments.

View Video

Corelight

Read more about The Callback is Coming From Inside the House

Code similarity analysis with r2diaphora

Oct 27, 2021 By Fernando Dominguez In AT&T Cybersecurity

Binary diffing, a technique for comparing binaries, can be a powerful tool to facilitate malware analysis and perform malware family attribution. This blog post describes how AT&T Alien Labs is leveraging binary diffing and code analysis to reduce reverse-engineering time and generate threat intelligence.

Read Post

AT&T Cybersecurity

Read more about Code similarity analysis with r2diaphora

High(er) Fidelity Software Supply Chain Attack Detection

Oct 26, 2021 By Marcus LaFerrera In Splunk

Over the last year, many of us have been introduced to the term “Software Supply Chain”. For better or worse, it is now part of our defense vernacular and won’t be going away any time soon. If anything, it has consumed us in many ways and has been the cause of many nights of lost sleep. Well, that could just be us on the SURGe team here at Splunk.

Read Post

Splunk

Read more about High(er) Fidelity Software Supply Chain Attack Detection

SIEM use cases: how to develop bespoke threat detection rules

Oct 22, 2021 By Roger Bell In Redscan

But, as we explored in the first of this two-part series, there are limitations to using the out-of-the-box rules which form part of the technology. In this blog post, we explore how to customise rules, the rule development process and the role of Sigma.

Read Post

Redscan

Read more about SIEM use cases: how to develop bespoke threat detection rules

Detect & Resolve Threats with Real-Time Salesforce Events and Splunk

Oct 21, 2021 By Splunk In Splunk

Salesforce Event Monitoring exposes dozens of logs plus unique enriched and ML-generated real-time events. Learn how Splunk helps you get deep visibility across multiple Salesforce organizations and beyond to flag anomalies, protect against internal and external threats, and prevent accidental data loss. Drill into risky LoginAs behavior and pinpoint user permission changes including over-privileged users. Finally, see how a Salesforce Security team can recognize and respond to a credential stuffing attack... all without leaving Slack!

View Video

Splunk

Read more about Detect & Resolve Threats with Real-Time Salesforce Events and Splunk

Introducing AT&T Managed Extended Detection and Response (XDR)

Oct 19, 2021 By Lisa Ashjian In AT&T Cybersecurity

In today’s dynamic threat landscape, having different tools to meet unique security requirements helps keep data protected. However, businesses today have 10 to 50+ security tools and consequently spend too much time managing them instead of protecting against cybercrime. This security tool overload creates internal challenges and potentially distracts from the primary business mission.

Read Post

AT&T Cybersecurity

Read more about Introducing AT&T Managed Extended Detection and Response (XDR)

What is an Intrusion Detection System (IDS)? + Best IDS Tools

Oct 18, 2021 By Catherine Chipeta In UpGuard

An intrusion detection system (IDS) is a software application or hardware device that detects vulnerability exploits, malicious activity, or policy violations. IDSs place sensors on network devices like firewalls, servers, and routers, or at a host level. Once the IDS detects any cyber threats, the system will either report this information to an administrator or a security information and event management (SIEM) system collects it centrally.

Read Post

UpGuard

Read more about What is an Intrusion Detection System (IDS)? + Best IDS Tools

Take the Corelight challenge: Splunk's Boss of the SOC

Oct 18, 2021 By Ed Smith In Corelight

Looking for some threat hunting and incident response practice that's more game than work? Check out the new Capture the Flag (CTF) challenges from Corelight, now available on Splunk’s Boss of the SOC (BOTS) website - just in time for.conf! Our two on-demand BOTS modules will show you how Corelight data in Splunk can accelerate your processes and help analysts spend more time analyzing and less time fumbling with queries and gluing together data sources.

Read Post