Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Welcome to the third entry in our introduction to the PEAK Threat Hunting Framework! Taking our detective theme to the next level, imagine a tough case where you need to call in a specialized investigator (even Sherlock depended on Watson from time to time!). For these unique cases, we can use algorithmically-driven approaches called Model-Assisted Threat Hunting (M-ATH). In this post, we’ll look at M-ATH in detail.

In the complex world of Internet security, TLS encryption reigns. The powers behind the throne are the Certificate Authorities (CAs) that play a crucial role in verifying websites' identities and regulating the trust we place in those sites. However, understanding the trustworthiness of the CAs themselves can be challenging.

Cyberattacks are unauthorized attempts to access data and disrupt your organization's computer systems or networks. It’s reported that 49% of organizations have suffered a data breach over the past two years — it’s possibly higher than that. These data breaches can cause financial loss, reputational damage and legal liabilities. So, organizations develop Red and Blue teams to mitigate the risk of cyberattacks.

Even though this blog discusses some serious topics related to security of mission-critical SAP applications, why not start it with a fun trivia question? So, here it is: “What does SAP stand for?” As per the company’s website, SAP is an acronym for the organization’s original German name “Systemanalyse Programmentwicklung,” which stands for System Analysis Program Development in English. Founded in 1972, SAP is a global leader in enterprise application software.

Cryptomining is essential for creating new cryptocurrencies and functioning blockchain networks. However, the increased complexity of cryptomining drives the need for specialized, cost-effective infrastructure to mine cryptocurrencies. Enter the cloud: Cloud computing has become critical for cryptomining, making cloud cryptomining popular among miners. This article describes cloud cryptomining, its history, and the types of cloud cryptomining.

CrowdStrike Falcon® LogScale provides a full range of dashboarding and live query capabilities out of the box. Sometimes, however, you’ll work in an environment where there are other solutions alongside LogScale. For example, let’s say your operations team takes an observability approach that includes metrics scraped by Prometheus, tracing with Tempo and dashboard visualizations with Grafana.

David Bowie once sang, “ch-ch-ch-changes, turn and face the strange.” While the changes to ISO 27000-series may look strange, they’re primarily a configuration and modernization of the same standard you already know. The standard’s format looks entirely different, but most of your current controls will remain the same.

RSA is a popular and secure cryptographic algorithm that encrypts and decrypts data. It provides a secure method for transmitting sensitive data over the Internet. While RSA has some vulnerabilities, it is still utilized for various applications, like digital signatures to authenticate the source of a message. This article describes RSA, how it works, and its major applications. It also explains the security vulnerabilities of RSA and how to mitigate them.

“Who you gonna call?” - Ghostbusters Before we get to the main topic of this blog, I would like to provide some historical background on how I got to the topic. Hopefully, this context will be both informative and useful as we try to use call detail records (CDR) for doing good things.