Threat Detection

Sysdig Enriched Process Trees, an Innovative Approach to Threat Detection

Jun 7, 2023 By Víctor Jiménez Cerrada In Sysdig

Discover how Sysdig Secure’s new Process Tree feature improves threat investigation. Imagine you’re investigating a security related detection, the investigation was triggered by the execution of stat/etc/shadow in one of your containers. Is this a sign of a legitimate activity, such as a developer debugging an app, or a sign that your container has been compromised? It depends on the context.

Read Post

Sysdig

Read more about Sysdig Enriched Process Trees, an Innovative Approach to Threat Detection

Stop Cloud Breaches in Real Time and Accelerate Investigation and Response with Sysdig CDR

Jun 7, 2023 By Matt Kim In Sysdig

Is your organization grappling with the relentless pace of ever-changing threats in the cloud? Are you spending hours investigating security events without identifying the root cause of the problem?

Read Post

Sysdig

Read more about Stop Cloud Breaches in Real Time and Accelerate Investigation and Response with Sysdig CDR

3 Reasons to Leverage AI for Enhanced Threat and Vulnerability Management

Jun 7, 2023 By Natalie Tischler In Veracode

As the cyber threat landscape continues to evolve, you know there’s a growing need to ensure applications and software are protected from malicious actors. A holistic and intelligent approach to threat and vulnerability management is essential for ensuring security against modern cyber risk. By leveraging AI-powered tools, especially for tasks like remediating security flaws, you can manage and reduce risk quickly and effectively.

Read Post

Veracode

Read more about 3 Reasons to Leverage AI for Enhanced Threat and Vulnerability Management

Sysdig Enriched Process Trees, an Innovative Approach to Threat Detection

Jun 7, 2023 By Sysdig In Sysdig

Discover how Sysdig Secure’s new Process Tree feature improves threat investigation. In order to speed up the investigation of security events, Sysdig Secure now includes a process tree showing the attack journey from user to process, including process lineage, container and host information, malicious user details, and impact. In Linux systems, a process tree refers to the hierarchical representation of running processes on a system. It depicts the parent-child relationship between processes all the way to the root.

View Video

Sysdig

Read more about Sysdig Enriched Process Trees, an Innovative Approach to Threat Detection

I have Trust Issues and So Does My CISO How NDR can help identify issues in your ZTA

Jun 2, 2023 By Corelight In Corelight

Speakers: Matt Bromiley (SANS), Tim Nolen, Sr. Sales Engineer (Corelight), Jean Schaffer, Federal CTO (Corelight)

View Video

Corelight

Read more about I have Trust Issues and So Does My CISO How NDR can help identify issues in your ZTA

Celebrating CrowdStrike's New Network Detection Service "Powered by Corelight"

Jun 1, 2023 By Allen Marin In Corelight

Several months ago, we announced that our strategic alliance partner CrowdStrike decided to use our Open NDR technology across its professional services portfolio. This wasn’t just a meaningful validation for us—it was also a testament to the importance CrowdStrike places in arming its world-class Services teams with the technology that can best ensure the protection of its customers.

Read Post

Corelight

Read more about Celebrating CrowdStrike's New Network Detection Service "Powered by Corelight"

Microsoft threat detection and response: five key pitfalls (and how to address them)

May 30, 2023 By The Redscan Team In Redscan

Many will choose the Microsoft ecosystem and will need to become familiar with its native threat detection and response tools and understand how to extract maximum value from them. Kroll’s latest eBook, Microsoft Threat Detection and Response: Five Key Pitfalls (and How to Address Them) provides up-to-date insights to enable businesses to level up their cloud security.

Read Post

Redscan

Read more about Microsoft threat detection and response: five key pitfalls (and how to address them)

Threat hunting 101: Leveraging MITRE ATT&CK framework for extended threat detection

May 19, 2023 By General In ManageEngine

Threat detection and mitigation is one of the core responsibilities of a SOC. With cyberattacks becoming more sophisticated, it has become arduous for security analysts to secure their network from threats. Hybrid work and BYOD policies are making it more difficult for SOCs to keep track of network activities. Attackers continue to improvise new tactics and techniques to compromise an organization’s network.

Read Post

ManageEngine

Read more about Threat hunting 101: Leveraging MITRE ATT&CK framework for extended threat detection

Learn about Corelight and Zeek with AI

May 19, 2023 By Corelight In Corelight

Want to know how to get a commanding view of all devices that log onto your network? Let’s ask ChatGPT! Watch as Corelight's James Pope leverages his AI assistant to explain the power of Zeek®—the open-source technology behind Corelight’s network evidence—and the detailed logs of network activity it produces, including protocols such as HTTP, DNS, and SSL. In the video he also shares how Zeek®’s open standard easily integrates with Suricata, SecurityOnion, Molok, Elk, CrowdStrike EDR logs, and more.

View Video

Corelight

Read more about Learn about Corelight and Zeek with AI

Why Cyber Threat Detection and Response Is So Hard

May 15, 2023 By Justin Foster In Forescout

Breakthrough innovation arises primarily in response to two conditions. One, when new technology emerges that creates new demand by fulfilling needs customers didn’t know they had. Think smartphones. A generation ago, people didn’t know they needed to be tethered to a phone the size of their palm that was also a camera, a bank, an encyclopedia and a shopping mall. Two, when new challenges arise that require innovation to address them.

Read Post