Threat Detection

MDR vs. EDR: Which Solution is Right for Your Organization?

Jul 18, 2023 By Arctic Wolf In Arctic Wolf

The rise of remote work and the move to the cloud, as well as the rising rate and increased complexity of cyber attacks, have fundamentally changed the security landscape. Set-it-and-forget it tools are no longer enough. To truly protect yourself from modern cyber threats you need 24×7 monitoring, detection and response. However, even that doesn’t look the same anymore.

Read Post

Arctic Wolf

Read more about MDR vs. EDR: Which Solution is Right for Your Organization?

How SOCs can level up their PCAP game with Smart PCAP (Part 2)

Jul 13, 2023 By Roger Cheeks In Corelight

In terms of unencrypted traffic, several highly used protocols lend themselves to logging and can significantly reduce the burden of packet capture without lowering the fidelity of information or the capabilities of analysts.

Read Post

Corelight

Read more about How SOCs can level up their PCAP game with Smart PCAP (Part 2)

Tutorial: Cyclops Blink Detection Tools

Jul 12, 2023 By WatchGuard In WatchGuard

In this video, you will learn how to use the three tools WatchGuard provides to help you diagnose if your Firebox is affected by Cyclops Blink.

View Video

WatchGuard

Read more about Tutorial: Cyclops Blink Detection Tools

Detection as Code: How To Embed Threat Detection into Code

Jul 11, 2023 By Muhammad Raza In Splunk

Like many concepts at the intersection of software engineering and cybersecurity, threat detection has emerged as a recent candidate to adopt the ‘as-code’ discipline to detection. This is driven by two key factors: Detection as Code is a new paradigm that brings a structured, systematic and flexible methodology for threat detection inspired by the as-code best practice of software engineering, commonly adopted in DevOps and Agile software development frameworks.

Read Post

Splunk

Read more about Detection as Code: How To Embed Threat Detection into Code

Threat Detection In 2023 Is Broken. Here's How to Fix It

Jun 28, 2023 By Laura In SenseOn

Why have cyber incidents topped the Allianz Risk Barometer for the last two years in a row? Growing attack surfaces are partly responsible. Remote work, cloud migration, IoT use and other trends give cyber threats more places to enter and hide within networks. But there is another cause – deficiencies in the standard approach to threat detection and response.

Read Post

SenseOn

Read more about Threat Detection In 2023 Is Broken. Here's How to Fix It

5 Steps to Combating Emerging Threats with Network Security

Jun 27, 2023 By Joe Thibault In Forescout

In today’s rapidly evolving threat landscape, cybercriminals have become more sophisticated than ever, making it crucial to stay abreast of the latest trends and tactics. The challenge is exacerbated by the expanding attack surface as more devices and device types connect to enterprise networks: IT, OT, IoT and IoMT devices, all with known vulnerabilities that can be exploited.

Read Post

Forescout

Read more about 5 Steps to Combating Emerging Threats with Network Security

Ransomware detections on endpoints increase by 627%

Jun 27, 2023 By Manu Santamaría Delgado In WatchGuard

Ransomware is still present and growing across the threat landscape, to the extent that some organizations now include the cost of a ransomware attack in their annual budgets. Data from our Internet Security Report - Q4 2022 reveals that ransomware detections on endpoints rose by an alarming 627% in 2022 compared to the previous year. While ransomware does not discriminate by industry type, the report clearly shows the manufacturing sector was the most affected during 2022.

Read Post

WatchGuard

Read more about Ransomware detections on endpoints increase by 627%

What are Advanced Persistent Threats (APT) and How to Prevent Them.

Jun 23, 2023 By UTMStack In UTMStack

Advanced persistent threats (APTs) and targeted attacks are a growing concern for organizations of all sizes. These types of cyber attacks are characterized by their high level of sophistication and the ability to evade traditional security measures. In order to defend against APTs, organizations need to adopt a multi-layered approach that includes implementing security information and event management (SIEM) systems.

View Video

UTMStack

Read more about What are Advanced Persistent Threats (APT) and How to Prevent Them.

Extending visibility through our new ICS/OT collection

Jun 21, 2023 By Vince Stoffer In Corelight

Increasingly, security teams are tasked with identifying, understanding, and managing risk around devices that may live outside the traditional IT umbrella. Operational Technology (OT) refers to computing systems that are used to manage and process operational functions as opposed to administrative operations, with Industrial Control Systems (ICS) being a major segment of that OT sector.

Read Post

Corelight

Read more about Extending visibility through our new ICS/OT collection

How to Use Algorithms to Identify Suspicious Activity in Real-Time

Jun 15, 2023 By SecuritySenses In SecuritySenses

The growth of fraudulent activity poses a significant threat to businesses in today's increasingly digital environment. The techniques fraudsters use are continuously evolving-making it difficult for traditional rule-based systems to stay up, as the estimated corporate revenue lost to fraud stands at $4.7 trillion globally every year. Employing increasingly advanced and dynamic fraud detection techniques have become essential. Machine learning is the most promising technology tool to combat financial fraud.

Read Post