Cisco Security

OCTOBER 20, 2021

This guest blog was written by Aaron Sherrill , Senior Research Analyst at 451 Research , part of S&P Global Market Intelligence. . Set the Stage: A World Without XDR. Security operations teams at most organizations are overwhelmed by the sheer number of security products they’re required to manage. The Push for Change: Top Pain Points.

Threat Detection 111

Threat Detection Technology Information Security Risk 111

Anton on Security

MAY 13, 2021

A few days ago we did a very well-attended webinar focused on the modern Security Operations Center (SOC) approach (see “Trend for the Modern SOC” for a replay link). We got a lot of great questions, and just like in the good old times , I am writing a blog where I cover some of the answers. Also see this paper.

Risk 100

Risk Threat Detection Technology Cybersecurity 100

McAfee

JUNE 29, 2020

Threat intelligence (TI) — the art of distilling down everything that is happening globally in the adversarial t hreatscape and TI Programs – reducing to what is necessary context for your company and your security team to know and take mitigation action against — is hard.

Artificial Intelligence 52

Artificial Intelligence Cyber threats Technology Risk 52

McAfee

MAY 17, 2021

Then, at the apex of suspense while the music ascends to a crescendo, a hard thumping release, she reaches out to grasp a microchip placed in the center of the room on a pedestal as if the room were designed only to show off its magnificence. All the components in this scene were meant to record and detect when an activity occurs.

Architecture 78

Architecture Technology Artificial Intelligence Surveillance 78

McAfee

FEBRUARY 16, 2021

The core value prop behind XDR is to empower the SecOps function which is still heavily burdened with limited staff and resources while the threat landscape roars. XDR is a jou rney for people and organizations. . This cry is not new. Organizations must consider and prepare for t his helpful shift.

Technology 92

Technology Phishing Cybersecurity 92

Security Boulevard

DECEMBER 21, 2021

As we discussed in “Achieving Autonomic Security Operations: Reducing toil” (or it’s early version “Kill SOC Toil, Do SOC Eng” ), your Security Operations Center (SOC) can learn a lot from what IT operations learned during the SRE revolution. However, both security operations center practitioners and SREs agree?—?consistency

Engineering 67

Engineering Phishing Technology Ransomware 67

eSecurity Planet

MAY 5, 2021

Managed Detection and Response (MDR) services offer their clients 24/7 turnkey threat monitoring, detection and remote response capabilities. Having an entire external team devoted solely to threat detection and response increases the chances of identifying threats that may otherwise elude internal teams. Top MDR services.

Threat Detection 57

Threat Detection Technology Artificial Intelligence Cybersecurity 57

Security Boulevard

MAY 13, 2021

A few days ago we did a very well-attended webinar focused on the modern Security Operations Center (SOC) approach (see “Trend for the Modern SOC” for a replay link). We got a lot of great questions, and just like in the good old times , I am writing a blog where I cover some of the answers. Also see this paper.

Risk 50

Risk Threat Detection Technology Cybersecurity 50

The Last Watchdog

JANUARY 22, 2023

Organizations are confronted with a severe security threats landscape, and it is critical that they have the ability to prevent, detect and respond to these threats in a timely manner. Centralized management, which simplifies identifying and responding to threats across an organization.

Threat Detection 214

Threat Detection Artificial Intelligence Marketing Phishing 214

Fox IT

SEPTEMBER 2, 2020

This blog provides a ‘look behind the scenes’ at the RIFT Data Science team and describes the process of moving from the need or an idea for research towards models that can be used in practice. More specifically, how known and unknown PowerShell threats can be detected using Windows event log 4104. Author: Joost Jansen.

Cyber threats 54

Cyber threats Engineering 54

Fox IT

DECEMBER 12, 2022

Thus, in the first part of this blog we will look back at how our own Security Operations Center (SOC) tackled the problem in the initial days of the ‘code red’. Thus, in the first part of this blog we will look back at how our own Security Operations Center (SOC) tackled the problem in the initial days of the ‘code red’.

Software 74

Software Internet Internet Ransomware 74

Security Boulevard

OCTOBER 24, 2023

Attack Technique Format This blog covers multiple Kerberos abuse based attack techniques, detection guidance and remediation of a compromised domain. We will mention any related blogs, tools, or variations of the attack performance. An organization’s users must have trust in both the domain and the fidelity of its architecture.

Backups 67

Backups Passwords Authentication Accountability 67

Fox IT

DECEMBER 12, 2021

About the Research and Intelligence Fusion Team (RIFT): RIFT leverages our strategic analysis, data science, and threat hunting capabilities to create actionable threat intelligence, ranging from IOCs and detection capabilities to strategic reports on tomorrow’s threat landscape. Background.

DNS 75

DNS Cyber threats Internet Internet 75

Cisco Security

AUGUST 29, 2022

In part one of our Black Hat USA 2022 NOC blog, we discussed building the network with Meraki: Adapt and Overcome. The Cisco Stack’s Potential in Action, by Paul Fidler. Talos Threat Hunting, by Jerzy ‘Yuri’ Kramarz and Michael Kelley. Building the Hacker Summer Camp network, by Evan Basta.

DNS 73

DNS Wireless Malware Firewall 73

Fox IT

JUNE 2, 2020

The purpose of this blog post is to describe the functionality of the two components, the loader and the backdoor. To ensure that our managed services remain effective against the latest threats, NCC Group operates a Global Fusion Center with Fox-IT at its core. Author: Nikolaos Pantazopoulos. Introduction.

Malware 48

Malware DNS Architecture Backups 48

Cisco Security

MAY 27, 2022

In part one of our Black Hat Asia 2022 NOC blog , we discussed building the network with Meraki: . SecureX: Bringing Threat Intelligence Together by Ian Redden . Future Threat Vectors to Consider – Cloud App Discovery by Alejo Calaoagan . SecureX: Bringing Threat Intelligence Together by Ian Redden . alphaMountain.ai

Malware 72

Malware Accountability DNS Technology 72

Cisco Security

AUGUST 28, 2023

The Black Hat Network Operations Center (NOC) provides a high security, high availability network in one of the most demanding environments in the world – the Black Hat event. Check out Iain’s article: ‘ Inside the Black Hat network operations center, volunteers work in geek heaven.’ Integration is key to success in the NOC.

Wireless 60

Wireless DNS Mobile Technology 60

Fox IT

JUNE 23, 2020

About the Research and Intelligence Fusion Team (RIFT): RIFT leverages our strategic analysis, data science, and threat hunting capabilities to create actionable threat intelligence, ranging from IOCs and detection capabilities to strategic reports on tomorrow’s threat landscape. Actor Tracking.

Ransomware 45

Ransomware Encryption Malware Architecture 45

Fox IT

JUNE 30, 2020

About the Research and Intelligence Fusion Team (RIFT): RIFT leverages our strategic analysis, data science, and threat hunting capabilities to create actionable threat intelligence, ranging from IOCs and detection capabilities to strategic reports on tomorrow’s threat landscape.

Engineering 64

Engineering VPN Passwords Malware 64

CyberSecurity Insiders

JANUARY 13, 2022

Customers receive actionable reports via the CrowdStrike Falcon console and APIs to ensure that the highest degree of device security is enforced. These partner integrations expand the CrowdStrike Zero Trust partner ecosystem which includes Akamai, Cloudflare, Google Cloud, Netskope, Okta and Zscaler.

Risk 52

Risk Architecture Authentication Firewall 52

Troy Hunt

MARCH 2, 2020

This is going to be a lengthy blog post so let me use this opening paragraph as a summary of where Project Svalbard is at : Have I Been Pwned is no longer being sold and I will continue running it independently. Per the Project Svalbard announcement blog post, I engaged KPMG to run the merger and acquisition (M&A) process for me.

Data breaches 341

Data breaches Marketing Cyber Insurance InfoSec 341