Topic: Detection and Response
Sacking Cybercriminals and Fraudsters at Super Bowl LV
The Super Bowl presents a ton of opportunities for cyber criminals to exploit, both through the target–rich environment surrounding the event itself as well as social engineering attacks that take advantage of the hype.
Security Alert Fatigue? False Positives? Common Problems in Threat Detection And How to Fix Them
If your team is suffering from security alert fatigue, too many false positives, and an overall reactive posture, you’re not alone. Organizations are continuing to invest in a growing suite of cyber security tools, complicating security operations, overwhelming teams, and negatively impacting threat detection. According to a 451 Research Report, 43% of enterprises are unable to act […]
Best Practices for Monitoring and Investigating AWS Events
Cloud computing is a resource that is becoming more affordable, efficient, and widespread in today’s enterprise environments. Having a well-hardened environment will thwart most attacks on your organization’s assets and resources, but what happens when an S3 bucket that your team created years ago was misconfigured along the way and auditing of the security configuration […]
Detect Solorigate and SUNBURST Attacker Techniques with the MITRE ATT&CK Framework—We’ll Get You Started
As folks are continuing to work to address the Solorigate/SUNBURST compromise, our team has been mapping the tactics and techniques used by the attackers to the MITRE ATT&CK framework, and building detection content to deploy for our customers. If you haven’t already, please read this blog first to get the basics. What follows is […]
How to Get the Most out of Your Security Monitoring with the Cyber Kill Chain Model
In our personal lives, many of us try to get the most out of a tank of gasoline – waiting until the red indicator shines bright and we finally have to stop at a gas station to fill our tank. This mindset extends to many aspects of our lives, both personally and professionally. For many […]
On the Hook: A Defense-in-Depth Approach to Mitigating Phishing Attacks
Purpose-built security tools are designed to solve for the ever-evolving threat landscape led by APTs, Nation-States, and Hacktivists, but is your organization accounting for the internal threats posed by your authorized users? (Image caption: Most phishing attacks require help from the end user to be successful. Source: Peter Broelman.) The latest Verizon Annual Data Breach Investigations Report […]
Stop the Spread of Malware: Tips for Preventing, Detecting, and Analyzing Malware in an Enterprise Environment
In today’s world, the threat of a malware infection gaining a foothold in an enterprise network is a top concern. An extensive infection could mean countless hours spent handling the recovery and remediation of impacted devices and mitigating the initial gap in security posture. In simplest terms, preventing an infection in the first place is […]
Top 3 Reasons to Alert Based on the Cyber Kill Chain Model
Picture this – It’s 8 AM on Monday and you’re sitting at your desk with a fresh cup of coffee, ready to start a new week. You log in to your workstation, hopeful that your team can kick-off the proactive DNS threat hunt you’ve planned out. Once you’ve opened the usual web browser tabs and […]
Healthcare Industry Spotlight: Tips for Detecting and Investigating Common Insider Threats
In the healthcare industry, insider threats typically take the form of an authorized individual abusing access to resources such as healthcare networks or electronic healthcare systems. In order to protect the business from unauthorized access, disclosure, modifications, or destruction, you need visibility into your information and information systems. A recent example of an insider threat […]