Detecting malicious behavior blended with business-justified activity
With organizations moving to the cloud and remote workers becoming the rule rather than the exception, the definition of the network is changing. Add to this the increasing …
threat hunting
Organizations want to threat hunt, but can’t due to lack of time, skills and visibility
As cybercriminals and nation-states continue to improve the sophistication of attacks that bypass traditional preventive defenses, organizations must evolve their security …
Growing intrusion trends: A perspective on today’s most sophisticated cyberattacks
According to a new CrowdStrike report, the technology, professional services, and hospitality sectors were targeted most often by cyber adversaries. The actors used a variety …
It only takes one data point to blow open a threat investigation
Because cybersecurity has been such a pain point for businesses, it’s easy to assume that threat investigations are difficult and unwieldy to manage. When you consider what’s …
The state of network security in organizations with 1000+ employees
Security team size at the largest organizations does not scale with the number of overall employees, but they are more likely to include staff with specialized roles, say the …
Why humans are necessary to the threat hunting process
For thousands of years, humans have worked to collect intelligence on their enemies. Intelligence gathering is not a new practice; in fact, it is one of the oldest war tactics …
Is Windows ShimCache a threat hunting goldmine?
Enterprise-wide threat hunting sounds like a daunting task and for inexperienced forensic analysts it certainly can be. However, there are various techniques that can be used …
DHS, FBI warn about malware tied to North Korean threat actor
US-CERT has released a new technical alert on malware used by Hidden Cobra, a threat actor whose activities they believe to be directed by the North Korean government. The …
Bring order to the chaos of incident response and threat investigations
In this podcast recorded at RSA Conference 2018, Leon Ward, VP of Product Management at ThreatQuotient, talks about bringing order to the chaos of security operations, as well …
SOCs require automation to avoid analyst fatigue for emerging threats
A survey conducted by LogicHub at RSA Conference 2018 identified 79 percent of respondents believe both human expertise and security automation is needed for a powerful …
