Threat Detection

Machine Learning in Security: Detect Suspicious TXT Records Using Deep Learning

May 2, 2023 By Namratha Sreekanta In Splunk

There are about 90 DNS resource record types (RR) of which many of them are obsolete today. Of the RR’s used, DNS TXT record offers the most flexibility in content by allowing user defined text. The TXT record initially designed to hold descriptive text (RFC 1035) is widely used for email verification, spam prevention and domain ownership verification.

Read Post

Splunk

Read more about Machine Learning in Security: Detect Suspicious TXT Records Using Deep Learning

Cloud detection and response, a key asset for cloud security

Apr 27, 2023 By John Waller In Synopsys

With the continued move to the cloud, cloud detection and response helps security teams defend their cloud applications and infrastructure.

Read Post

Synopsys

Read more about Cloud detection and response, a key asset for cloud security

2023 SANS Threat Hunting Survey Focusing on the Hunters and How Best to Support Them

Apr 24, 2023 By Corelight In Corelight

As vendors develop new software or tools for threat hunting, we need to remember that threat hunting is predominantly a human-based activity in looking for incidents that our automated tools have not yet found, or cannot yet detect.

View Video

Corelight

Read more about 2023 SANS Threat Hunting Survey Focusing on the Hunters and How Best to Support Them

Stronger Together, RSAC 2023: Navigating security events with cyber partners

Apr 20, 2023 By Corelight In Corelight

Whether you’re attending RSA or not, one thing is for certain - attackers are always at work. Furthermore, attackers are always working together without red tape like we have within our corporate infrastructure. That’s why Mandiant/Google, Stairwell, SnapAttack, Nozomi Networks, SentinelOne, and Corelight are hosting a webinar before RSAC 2023 to show how Defenders are also Stronger Together. There is no silver bullet in the cybersecurity space, so come get the conversation started early in an executive panel as we explore how each executive/organization is addressing.

View Video

Corelight

Read more about Stronger Together, RSAC 2023: Navigating security events with cyber partners

Corelight Open NDR Now Helps Defend Black Hat Events

Apr 18, 2023 By John Gamble In Corelight

We are honored to announce that Corelight’s Open Network Detection and Response (NDR) solution has been chosen by the esteemed Black Hat Network Operations Center (NOC) to help defend their networks at Black Hat events worldwide. It’s a testament to the capabilities of our platform and the open source technologies that power it. We are honored to be among the distinguished vendors chosen to provide best of breed solutions for the NOC.

Read Post

Corelight

Read more about Corelight Open NDR Now Helps Defend Black Hat Events

Threat Hunting Fundamentals: Why Network Data Should Be At Core of Your Process

Apr 17, 2023 By Corelight In Corelight

Speakers: AJ Nurcombe (Corelight), Brandon Dunlop (ISC2) Threat hunting is a challenge to get right, with many potential pitfalls. There are twenty different definitions for threat hunting and ten different ways to do it. Organisations vary from having zero presence in their threat hunting program to multiple full-time hunters, but unfortunately, they often miss many critical pieces. This webinar will cover the common oversights that organisations fall foul of as well as emphasising the importance of network evidence in your threat hunting framework.

View Video

Corelight

Read more about Threat Hunting Fundamentals: Why Network Data Should Be At Core of Your Process

Why SOCs Need AI Threat Detection

Apr 12, 2023 By SenseOn In SenseOn

Getting the benefits of AI threat detection tools is becoming less of an option for security operation centres (SOCs). Last year, the UK experienced more cyber attacks than any other country in Europe. According to IBM’s X-Force Threat Intelligence Index report, nearly half (43%) of all cyber attacks in Europe targeted UK-based organisations.

Read Post

SenseOn

Read more about Why SOCs Need AI Threat Detection

Threat Detection and Response: 5 Log Management Best Practices

Apr 10, 2023 By The Graylog Team In Graylog

In a world where attackers can move fast, security teams need to move faster. According to SANS research from 2022, adversaries can perform intrusion actions within a five-hour window. While analysts need the Millennium Falcon of security technologies that enable threat detection and response in under twelve parsecs, increasingly complex IT environments make the 1-10-60 Framework feel unachievable.

Read Post

Graylog

Read more about Threat Detection and Response: 5 Log Management Best Practices

Introducing Calico Runtime Threat Defense-The most extensive security coverage for containers and Kubernetes

Apr 6, 2023 By Giri Radhakrishnan In Tigera

Containerized applications are complex, which is why an effective container security strategy is difficult to design and execute. As digitalization continues to push applications and services to the cloud, bad actors’ attack techniques have also become more sophisticated, which further challenges container security solutions available on the market.

Read Post

Tigera

Read more about Introducing Calico Runtime Threat Defense-The most extensive security coverage for containers and Kubernetes

What is XDR? Is the security impact real or hyped?

Apr 4, 2023 By Dave Frampton In Sumo Logic

With so many overlapping and self-serving definitions of XDR (Extended Detection and Response), embracing the innovations in technology first require that we parse the alphabet soup. We agree with several industry analysts covering the space that XDR is a vendor push with no real customer demand, but the problem spaces within XDR are of significant customer interest. Consensus has emerged on a few XDR elements such as: cloud-native/SaaS, improved detection, and improved response.

Read Post