Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Threat Detection

Why MDR is Your Most Important Security Investment

The cybersecurity threat landscape is continuously evolving, with the frequency and impacts of threats like malware and ransomware increasing every year. Today, organizations of all sizes and in every industry sector must be proactively searching for emerging threats and actively monitoring risk to protect themselves – and respond quickly in the event that a threat is identified.

CrowdStrike Achieves 100% Prevention in Recent MITRE Engenuity ATT&CK Evaluation Emulating Russia-based Threat Groups

At CrowdStrike, we believe that rigorous, independent testing is a vital part of the security ecosystem. It provides customers with transparency and insight into the critical capabilities required to stop today’s sophisticated threats. That’s why I’m excited to share the results of Round 4 of the MITRE Engenuity ATT&CK Enterprise Evaluation: The CrowdStrike Falcon platform stops breaches with 100% prevention, comprehensive visibility and actionable alerts.

Detect malicious activity in Okta logs with Falco and Sysdig okta-analyzer

On March 22, the hacking group Lapsus$ published a Twitter post with a number of screenshots taken from a computer showing “superuser/admin” access to various systems at authentication firm Okta that took place in January this year. Okta is a platform in the #1 platform in Identity-as-a-Service (IDaaS) category, which means that it manages access to internal and external systems with one login.

VPNs are increasingly common - how much can you see?

VPN tunnels are like shipping containers in that they are widely used (especially as the pandemic has moved more of the workforce to remote work), and they can be used to carry traffic for legitimate as well as malicious purposes. Establishing a tunnel between corporate offices, remote workers, or partners to transfer data is a legitimate and common use for VPNs.

SANS 2022 Cloud Security Survey

The state of cloud security is evolving. Many organizations are implementing new and more advanced cloud security services that offer cloud-focused controls and capabilities, including services and tools that provide network connectivity and security for end users and office locations, security monitoring and policy controls, and identity services, among others.

[Webcast] Defending against nation-state actors

With the threat of Russian cyberattacks on the rise, it’s essential for defenders of critical infrastructure to pressure test their cyber defense capabilities. In this webcast, Corelight's Alex Kirk reviews the specific techniques, tactics, and procedures that defenders should monitor in order to identify and disrupt attacks in their environment. Alex has a long and storied career as a cybersecurity professional, including a recent volunteer engagement training Ukrainian cyberdefenders this past fall.

6 Steps to Defend Against Advanced Persistent Threats

The cybersecurity community uses the term Advanced Persistent Threats to refer to threats that have extremely long persistence on a particular target—often lurking inside a target system for years. Their targets can include government agencies (at all levels), including contractors and suppliers far down the supply chain. Due to their passive nature, you may not even realize that your organization is a target for an APT. In fact, your infrastructure may already be infiltrated.

LimaCharlie partners with SOC Prime to deliver continuous content streaming of detections

The cybersecurity landscape is shifting because it has to. The breadth of challenges facing defenders is vast and we are constantly reminded about how unpredictable security can be with zero-days such as the recent Log4Shell vulnerability. New tools and a community-based approach offer a way forward in the face of overwhelming complexity.