%term

Securing SSH on EC2: What are the real threats?

Jun 14, 2022 By Miguel Hernández In Sysdig

Every compliance audit will ask you to secure SSH, and every time a scanner checks the configuration or CSPM of your cloud account you’ll be warned for it. For example, if you don’t secure SSH on EC2, you’ll certainly get a critical alert stating that one of your Security Groups has its SSH port (22) open to the world. When this happens, you may think: Have I been pwned?

Read Post

Sysdig

Read more about Securing SSH on EC2: What are the real threats?

With Trustwave, the Best in MDR Just Got Better

Jun 14, 2022 By Tom Powledge In Trustwave

Trustwave has recreated new Managed Detection and Response (MDR) services to deliver unmatched capabilities tailored to fit an organization regardless of size or budget. While larger organizations may have the resources for heavy security investments, small and medium enterprises (SME) often struggle to keep up with this punishing pace and finding enough qualified security personnel can be even more challenging with the ongoing skills shortage.

Read Post

Trustwave

Read more about With Trustwave, the Best in MDR Just Got Better

Enhanced Network Evidence for the Modern SOC

Jun 7, 2022 By Corelight In Corelight

Security leaders protect their businesses by using analytics and insights to understand security needs, attack surfaces, and trends. Every company from ‘big box’ travel sites to powerhouse car manufacturers needs to optimize their SOCs, retain talent, and expand business opportunities securely.

View Video

Corelight

Read more about Enhanced Network Evidence for the Modern SOC

CrowdStrike Introduces CrowdStrike Asset Graph to Help Organizations Proactively Identify and Eliminate Blind Spots Across Attack Surface

Jun 6, 2022 By CrowdStrike In CrowdStrike

CrowdStrike Asset Graph provides unprecedented visibility of assets in an IT environment to optimize cyber defense strategies and manage risk.

Read Post

CrowdStrike

Read more about CrowdStrike Introduces CrowdStrike Asset Graph to Help Organizations Proactively Identify and Eliminate Blind Spots Across Attack Surface

CrowdStrike Adds Strategic Partners to CrowdXDR Alliance and Expands Falcon XDR Capabilities to Supercharge Threat Detection, Investigation, Response and Hunting

Jun 6, 2022 By CrowdStrike In CrowdStrike

New CrowdXDR Alliance partners include Menlo Security, Ping Identity and Vectra AI. New Falcon XDR capabilities include native integration with Falcon Fusion SOAR workflows to streamline and simplify security operations.

Read Post

CrowdStrike

Read more about CrowdStrike Adds Strategic Partners to CrowdXDR Alliance and Expands Falcon XDR Capabilities to Supercharge Threat Detection, Investigation, Response and Hunting

RSAC 2022: CrowdStrike Delivers Protection that Powers Productivity

Jun 6, 2022 By George Kurtz In CrowdStrike

The theme of RSA Conference 2022 succinctly captures the aftermath of the disruption we’ve all experienced over the last couple of years: Transform. Customers continue to transform and accelerate digital initiatives in response to the massive economic and technological shifts driven by the COVID-19 pandemic.

Read Post

CrowdStrike

Read more about RSAC 2022: CrowdStrike Delivers Protection that Powers Productivity

Forescout and Cysiv: Threat Detection Across Your Digital Terrain

Jun 6, 2022 By Ian Curry In Forescout

Today marks an exciting moment in time for our customers and partners. Today, Forescout announced its intent to acquire Cysiv, a company with deep expertise in data-powered threat detection and response.

Read Post

Forescout

Read more about Forescout and Cysiv: Threat Detection Across Your Digital Terrain

Enriching NDR logs with context

Jun 2, 2022 By Stan Kiefer In Corelight

In this post, we show how enriching Zeek® logs with cloud and container context makes it much faster to tie interesting activity to the container or cloud asset involved.In cloud or container environments, layer 3 networking is abstracted away from the higher-level tasks of running workloads or presenting data. Because of this abstraction, when Zeek logs are collected for cloud or container network environments, the attribution of a network flow to actual workload or application is difficult.

Read Post

Corelight

Read more about Enriching NDR logs with context

CrowdStrike Falcon Identity Threat Protection Added to GovCloud-1 to Help Meet Government Mandates for Identity Security and Zero Trust

Jun 1, 2022 By Andrew Harris In CrowdStrike

CrowdStrike recently announced the addition of Falcon Identity Threat Protection and Falcon Identity Threat Detection to its GovCloud-1 environment, making both available to U.S. public sector organizations that require Federal Risk and Authorization Management Program (FedRAMP) Moderate or Impact Level 4 (IL-4) authorization. This includes U.S. federal agencies, U.S. state and local governments and the Defense Industrial Base (DIB).

Read Post

CrowdStrike

Read more about CrowdStrike Falcon Identity Threat Protection Added to GovCloud-1 to Help Meet Government Mandates for Identity Security and Zero Trust

Real world use cases for NDR in the Cloud

May 31, 2022 By Corelight In Corelight

As we’ve learned from events like Sunburst and Log4Shell, network telemetry provides essential evidence for catching threats that other tools miss. Watch Senior Director of Product - Cloud Security - Vijit Nair dive into real world use cases from the research team at Corelight -- the creators and maintainers of Zeek. You'll learn how the collection and analysis of cloud network traffic leads to better threat detection and faster response.

View Video