The IT industry has seen an unshakable surge in malware attacks. According to SonicWall’s 2022 Cyber Threat Report, almost 2.8 billion malware attacks were detected in 2022. Approximately 30% of these malware attacks were carried out using emails containing malicious links and attachments. On June 10, 2022, one such malware, Dark Crystal, also known as DCRat, jolted Ukraine. It is a remote access Trojan (RAT) that has been receiving regular upgrades and new modules since 2018.

Being a security analyst today is hard. You’re constantly trying to protect your organization while feeling like attackers are always a step ahead of you. Every year, you seem to add more security technologies to your stack, yet you still find yourself facing tooling gaps. If only you had the ability to clearly compare different products and their capabilities, you think.

Cyber threats against AI systems are on the rise, and today’s AI developers need a robust approach to securing AI applications that address the unique vulnerabilities and attack patterns associated with AI systems and ML models deployed in production environments. In this blog, we’re taking a closer look at two specific tools that AI developers can use to help detect cyber threats against AI systems.

Recently, Sysdig published a blog post about the ways businesses can harden their LLM-based AI applications using the OWASP Top 10 for Large Language Models. So why are we writing about MITRE ATLAS, and how is this any different from the OWASP Top 10 for LLMs?

Imagine you have a backpack with a granola bar buried at the bottom and a tenacious tiny dog who loves snacks. Even though the dog shouldn’t be able to reach that granola bar stored away carefully, it managed to open a zipper and snoop through the contents to eat the snack. From an IT environment standpoint, Application Programming Interfaces (APIs) are the backpack carrying sensitive – but appealing to attackers – data.

A structured approach to incident response enables you to create consistently repeatable processes. Your incident response playbook defines responsibilities and guides your security team through a list of activities to reduce uncertainty if or when an incident occurs. MITRE ATT&CK Framework outlines the tactics and techniques that threat actors use during different stages of an attack.

An Internet Protocol (IP) address is the digital equivalent of your home address. Your home has a unique identification number that gives information about your physical geographic location, like road, city, state, and country. An IP address provides similar information about the people and devices connected to a network.

Security teams must outpace increasingly fast and sophisticated adversaries to stay ahead. In the most recent closed-book MITRE Engenuity ATT&CK Evaluations: Managed Services, the CrowdStrike Falcon platform once again demonstrated it stands alone in its ability to deliver the speed and efficacy needed to stop breaches.

Insights about getting started with the MITRE ATT&CK framework, including real-world examples for integrating and improving detection capabilities.