Alert fatigue is a real problem in IT Security. This can set in at the worst time, when an analyst checks their tools and sees yet another event, or even another 50-100 events, after they just checked. They click through events looking for the smallest reason they can find to dismiss the event so they won’t need to escalate, or further investigate, the issue.
Recently, the Defense Advanced Research Project Agency (DARPA) announced a multi-year investment of more than $2 billion in new and existing programs in artificial intelligence called the “AI Next campaign. Agency director, Dr. Steven Walker, explained the implications of the initiative: “we want to explore how machines can acquire human-like communication and reasoning capabilities, with the ability to recognize new situations and environments and adapt to them.”
A VLAN is used to share the physical network while creating virtual segmentations to divide specific groups. For example, a host on VLAN 1 is separated from any host on VLAN 2. Any packets sent between VLANs must go through a router or other layer 3 devices. Security is one of the many reasons network administrators configure VLANs. However, with an exploit known as 'VLAN Hopping', an attacker is able to bypass these security implementations.
Malware analysis allows the analyst to see what actions are taken and allows us to use those actions to build a profile that can be used to detect and block further infections and find related infections.
It’s been a busy summer at AlienVault! Amid some major company announcements, we continue to evolve USM Anywhere and USM Central with new features and capabilities that help you to defend against the latest threats and to streamline your security operations. You can keep up with our regular product releases by reading the release notes in the AlienVault Product Forum. Here are a few of the highlights from our July and August 2018 releases.
During a penetration testing engagement, it’s quite common to have antivirus software applications installed in a client’s computer. This makes it quite challenging for the penetration tester to run common tools while giving the clients a perception that their systems are safe, but that’s not always the case. Antivirus software applications do help in protecting systems but there are still cases where these defenses can be bypassed.
Cybersecurity is a growing concern as breaches continue to increase in frequency and make headline news. Unfortunately, due to time and other constraints, many smaller businesses postpone the complicated task of risk management, only to eventually succumb to the devastating ramifications of a cyberattack. While the security solutions themselves appear complicated, the ability to mitigate risk is within reach of all.
SAN MATEO, Calif. – July 31, 2018 – AlienVault®, the leading provider of Unified Security Management® (USM) and crowdsourced threat intelligence, today announced the general availability of Endpoint Detection and Response (EDR) capabilities in USM Anywhere™. Visit AlienVault’s Black Hat booth #528 from August 7-9 to see a demonstration of endpoint security capabilities in USM Anywhere.
DALLAS, July 10, 2018 — AT&T today announced its plans to acquire AlienVault®, a privately held company based in San Mateo, Calif. The agreement has been approved by both companies. The acquisition of AlienVault will enable AT&T to expand its enterprise-grade security solutions portfolio and offerings to millions of small and medium-sized businesses.
We regularly introduce new features to USM Anywhere and USM Central to help your team to be more effective at detecting and responding to threats. You can keep up with our regular product releases by reading the release notes in the AlienVault Product Forum. Here are a few of the highlights from our May 2018 releases.
