Topic
Detection and Response
How to Achieve Best-in-Class Security Operations
Why you need outcome-driven Security Operations for today’s dynamic business and threat environment Digital transformation, hybrid or remote work, bring you own devices, shadow IT – business transformation is anything but static and cybersecurity teams are facing the brunt of it as guardians of the enterprise. How do security teams, already hampered with budget and […]
Colonial Pipeline and the Economics of Ransomware
Colonial Pipeline and DarkSide Ransomware On Friday, May 7, Colonial Pipeline took down parts of their IT infrastructure in the wake of a ransomware attack. The pipeline supplies 45% of the U.S. East Coast’s gas, diesel and jet fuel. The FBI confirmed on Monday that the criminal group responsible is leveraging the DarkSide RaaS (Ransomware-as-a-Service). […]
Sacking Cybercriminals and Fraudsters at Super Bowl LV
The Super Bowl presents a ton of opportunities for cyber criminals to exploit, both through the target–rich environment surrounding the event itself as well as social engineering attacks that take advantage of the hype.
Security Alert Fatigue? False Positives? Common Problems in Threat Detection And How to Fix Them
If your team is suffering from security alert fatigue, too many false positives, and an overall reactive posture, you’re not alone. Organizations are continuing to invest in a growing suite of cyber security tools, complicating security operations, overwhelming teams, and negatively impacting threat detection. According to a 451 Research Report, 43% of enterprises are unable to act […]
Best Practices for Monitoring and Investigating AWS Events
Cloud computing is a resource that is becoming more affordable, efficient, and widespread in today’s enterprise environments. Having a well-hardened environment will thwart most attacks on your organization’s assets and resources, but what happens when an S3 bucket that your team created years ago was misconfigured along the way and auditing of the security configuration […]
Detect Solorigate and SUNBURST Attacker Techniques with the MITRE ATT&CK Framework—We’ll Get You Started
As folks are continuing to work to address the Solorigate/ SUNBURST compromise, our team has been mapping the tactics and techniques used by the attackers to the MITRE ATT&CK framework, and building detection content to deploy for our customers. If you haven’t already, please read this blog first to get the basics. What follows is […]
How to Get the Most out of Your Security Monitoring with the Cyber Kill Chain Model
Updated June 2021 In our personal lives, many of us try to get the most out of a tank of gasoline – waiting until the red indicator shines bright and we finally have to stop at a gas station to fill our tank. This mindset extends to many aspects of our lives, both personally and […]
A Defense Approach to Mitigating Phishing Attacks
Purpose-built security tools are designed to solve for the ever-evolving threat landscape led by APTs, Nation-States, and Hacktivists, but is your organization accounting for the internal threats posed by your authorized users? Most phishing attacks require help from the end user to be successful Source: Peter Broelman The latest Verizon Annual Data Breach Investigations Report […]
Stop the Spread of Malware: Tips for Preventing, Detecting, and Analyzing Malware in an Enterprise Environment
In today’s world, the threat of a malware infection gaining a foothold in an enterprise network is a top concern. An extensive infection could mean countless hours spent handling the recovery and remediation of impacted devices and mitigating the initial gap in security posture. In simplest terms, preventing an infection in the first place is […]
No results
