Skip to Content

Tag: Detection and Response

Measuring Detection Coverage with MITRE ATT&CK

Security operations metrics provide a way to measure progress in improving maturity and communicate the state of your security operations program within your organization. A key metric that many ReliaQuest customers rely on is using the MITRE ATT&CK® framework to measure detection coverage. Started in 2013, MITRE ATT&CK is a publicly accessible knowledge base of […]

Solving Cybersecurity’s Data Conundrum via DIR Approaches

An influx of security tools and alerts, and ineffective and/or suboptimal detection, investigation, and response (DIR) processes have painted security operations (SecOps) in a chaotic light. Then, throw data and resources that are all over the place into the mix, and you’re potentially looking at a big mess—one that goes beyond the confines of an […]

Log4Shell Overview and ReliaQuest Solutions

An overview of how Log4Shell Works Tools available to ReliaQuest GreyMatter Customers A downloadable utility to assist with quickly identifying vulnerable AND very easily exploitable applications. The utility is available for direct download here, and includes instructions for installation and use Understanding how Log4Shell Works Log4Shell is a vulnerability in the Java Naming and Directory […]

What Is Open XDR?

Open extended detection and response (Open XDR) is a growing term in cybersecurity. It denotes an open, vendor-agnostic approach to detection and response that goes beyond the endpoint for a holistic view of your security posture across a broad tool set. Let’s take a closer look at how this security methodology emerged and how it […]

Defending Against Supply Chain Attacks

Supply chain attacks have been making lots of news recently. Before we explore this phenomenon, let’s first make sure we’re clear on what we’re talking about. A supply chain attack is a type of security incident in which a threat actor inserts code into a trusted software product or hardware device. This technique opens an […]

ReliaQuest at Black Hat 2021

One of the largest cybersecurity conferences is fast approaching and ReliaQuest will be there. Black Hat 2021 is back in person this July 31st – August 5th and ReliaQuest is proud to be a Platinum Sponsor. As we return to in-person events, the following is a Who, What, Where and When for all things ReliaQuest at Black Hat 2021. We are looking forward to seeing you there – or in our virtual booth.    If you’re headed to Black Hat and would like […]

Hybrid Intelligence Needed to Thwart AI-Powered Attacks

Just as defenders are leveraging AI elements such as machine learning and automation, adversaries are incorporating advanced techniques into their malicious activities. Hence the emergence of AI-powered attacks. Dubbed “one of the biggest fears within the security community” by Max Heinemeyer, Director of Threat Hunting at DarkTrace, AI-powered attacks leverage more offensive AI and less […]

Why the REvil Ransomware Gang Is Dominating the Headlines in 2021

You’ve probably heard about what happened to Kaseya. Just as a refresher, the IT solutions provider announced that it was “experiencing a potential attack” against one of its solutions on July 2 and ordered customers to shut down their product servers while they waited to hear more. A day later, Kaseya urged customers who encountered […]