Threat Detection

Catching SSH and RDP attacks without decryption

Aug 30, 2021 By Corelight In Corelight

With the rise in distributed workforces both SSH and RDP connections have proliferated as remote employees connect to sensitive internal environments and machines to do their job. Unfortunately, these remote-friendly protocols are also prime attack targets and once compromised give adversaries a clear path to move laterally, deploy ransomware, and more.

View Video

Corelight

Read more about Catching SSH and RDP attacks without decryption

Detect Everything: Bring Google Scale NDR to your Security Operations

Aug 27, 2021 By Corelight In Corelight

Many organizations find that today’s security tools are not built for petabyte scale, long-term telemetry retention and are often cost prohibitive. Ingestion based pricing forces customers to limit what data is collected and retained, resulting in both more false positives and missed valid threats. Learn how enterprises can leverage all of their high-fidelity network data to gain a comprehensive, accurate and real-time understanding of your environment at any scale, on-prem or in the cloud.

View Video

Corelight

Read more about Detect Everything: Bring Google Scale NDR to your Security Operations

Operationalizing network evidence for meaningful outcomes

Aug 27, 2021 By Corelight In Corelight

Organizations are experiencing an increase in both threat volumes and complexity, leaving corporate security teams with the ongoing challenge of balancing workloads across a broader attack surface. IT and security teams struggle to identify all their endpoints and are often unable to install Endpoint Detection and Response (EDR) software on every known endpoint device, leaving security gaps that increase business risk. Network visibility is crucial for multi-layer defense and provides critical data to fill endpoint visibility gaps.

View Video

Corelight

Read more about Operationalizing network evidence for meaningful outcomes

Smarter PCAP for security teams

Aug 25, 2021 By Corelight In Corelight

Give your security teams 10x the retention length at 50% the cost of full PCAP. Watch this webcast and you'll discover how to.

View Video

Corelight

Read more about Smarter PCAP for security teams

Detection and response for the actively exploited ProxyShell vulnerabilities

Aug 25, 2021 By Elastic Security Intelligence & Analytics Team In Elastic

On August 21, 2021, the Cybersecurity and Infrastructure Security Agency (CISA) released an urgent notice related to the exploitation of ProxyShell vulnerabilities ( CVE-2021-31207 , CVE-2021-34473 , CVE-2021-34523 ). By chaining these vulnerabilities together, threat actors are compromising unpatched Microsoft Exchange servers and gaining footholds into enterprise networks.

Read Post

Elastic

Read more about Detection and response for the actively exploited ProxyShell vulnerabilities

Tessian partners with Optiv Security as part of the company's move to a 100% channel model

Aug 24, 2021 By Tessian

Human Layer Security company Tessian today announces that it is moving to a 100% channel model, partnering with leading cybersecurity partners like Optiv Security to help enterprises secure the human layer and protect against threats caused by human error.

Read Post

Read more about Tessian partners with Optiv Security as part of the company's move to a 100% channel model

SANSFire: An Alert Has Fired. Now what?

Aug 24, 2021 By Corelight In Corelight

While the security industry spends a lot of time and energy getting more and/or better alerts, comparatively little investment has gone into helping analysts operationalize and contextualize those alerts. This webcast will discuss how a solid foundation of network telemetry can enable not only high-velocity, high-confidence processing of alerts of all stripes, but also a host of other critical security applications, from fundamentals like asset management to advanced techniques like proactive threat hunting. Real-world examples and code will be used throughout the talk, along with practical considerations for operating in an enterprise environment.

View Video

Corelight

Read more about SANSFire: An Alert Has Fired. Now what?

Cyber Defenders Defending Critical Infrastructure Interview with Aaron Cockerill

Aug 24, 2021 By Lookout In Lookout

Nextgov interview with Aaron Cockerill for a conversation shaped by today’s topics of critical infrastructure and cybersecurity threats. Discussing everything from phishing attacks to hybrid-remote work best practices, this interview offers insight into how Lookout can help both public and private organizations address digital threat prevention, providing relevant context to the cybersecurity world going forward.

View Video

Lookout

Read more about Cyber Defenders Defending Critical Infrastructure Interview with Aaron Cockerill

Sending Detections to a Slack Channel

Aug 20, 2021 By LimaCharlie In LimaCharlie

This video demonstrates how LimaCharlie users can configure an Organization to send detection telemetry into a Slack Channel.

View Video

LimaCharlie

Read more about Sending Detections to a Slack Channel

Detect security threats with anomaly detection rules

Aug 18, 2021 By Jordan Obey In Datadog

Securing your environment requires being able to quickly detect abnormal activity that could represent a threat. But today’s modern cloud infrastructure is large, complex, and can generate vast volumes of logs. This makes it difficult to determine what activity is normal and harder to identify anomalous behavior. Now, in addition to threshold and new term –based Threat Detection Rules , Datadog Security Monitoring provides the ability to create anomaly

Read Post