SenseOn

Based on our reading, the Digital Operational Resilience Act (DORA), is at a fundamental level, a transformative ICT challenge. DORA makes the speed and accuracy of security threat detection and response a board-level concern. Fail to stop, classify and report on cyber incidents accurately and, from 2025 onwards, your organisation could face a fine of 1% of global turnover.

In what feels like 10 minutes, cybersecurity AI and machine learning (ML) have gone from a concept pioneered by a handful of companies, including SenseOn, to a technology that is seemingly everywhere. In a recent SenseOn survey, over 80% of IT teams told us they think that tools that use AI would be the most impactful investment their security operations centre (SOC) could make.

Thanks to ChatGPT, you’ve probably heard a lot about generative AI technology over the last few years. Generative AI is artificial intelligence technology that works by taking input data like a request, processing it through different algorithms, and producing an output based on learned patterns. ChatGPT is a generative AI chatbot. 91% of security teams use generative AI, but 65% don’t fully understand the implications.

In February of 2024, SenseOn was contacted to assist with investigating suspicious activity on a customer’s estate. SenseOn analysts quickly identified a malware infection and identified the variant as SocGholish. This blog will showcase SenseOn’s detection and response capabilities against the malware and a breakdown of SocGholish’s techniques and that of the threat actor observed.

At a high level, security leaders need tools that: a) Efficiently detect and respond to threats. b) Can be managed sustainably. c) Deploy quickly and scale with their organisation. d) Are cost-effective. Large SOCs in a handful of enterprises could do this by deploying point solutions and hiring experts to manage them. For everyone else, is there a more efficient way to deliver on these capabilities than a consolidated cybersecurity platform? If you’ve found one, stop reading now.

In the high-stakes world of cybersecurity, where threats evolve hourly and every endpoint is a potential vulnerability, rapid response can make or break an organisation's defences. A recent customer case study showcases how our Quick Actions feature is enhancing the way organisations handle cybersecurity incidents.

Is there one cybersecurity tool to rule them all? For most companies, the answer is probably yes. A cybersecurity platform combines multiple security capabilities — endpoint security, threat response, event logging, and more—into a single system. There are Swiss Army knife cybersecurity platforms that perform a range of tasks, like extended detection and response (XDR), and platforms with more niche functions.

Recent events have highlighted the importance of robust quality assurance (QA) processes. At SenseOn, we understand that any disruption to your IT operations is unacceptable and that round-the-clock security is essential. That's why we've built a comprehensive QA framework that prioritises the stability, reliability, and effectiveness of our XDR platform - ensuring we support you in growing your company.

SenseOn was called in to assist a pre-deployment customer with an alert by another security product, related to anomalous network behaviour. At the time of the incident, the customer had not yet deployed the SenseOn Universal Sensor to their estate.

In the Security Engineering team at SenseOn, we are constantly seeking methods to achieve big goals with minimal input. This is where our focus on automation becomes essential. If you peek inside our team, you’ll find a trove of unique and effective automation tools that aid us on our journey. From small Python scripts to GitHub actions to Slack bots, we have it all.