Anton on Security

JUNE 10, 2022

are now joined by DDR (one vendor claimed “Data Detection and Response”) and ITDR (no, not for IT, silly: “Identity Threat Detection and Response”). RSA 2013 and Endpoint Agent Re-Emergence RSA 2006–2015 In Anton’s Blog Posts! XDR’s older brothers?—?EDR EDR and NDR?—?are more on this below. RSA 2017: What’s The Theme?

VPN 189

VPN Marketing Firewall Passwords 189

eSecurity Planet

APRIL 26, 2022

Company Sector Year Status McAfee Cybersecurity solutions 2021 Acquired: Intel Claroty Industrial cybersecurity 2020 Private Illusive Networks Threat detection and response 2020 Private Jask Autonomous SOC 2018 Acquired: Sumo Logic RiskSense Vulnerability management 2018 Acquired: Ivanti Phantom Cyber SOAR 2017 Acquired: Splunk.

Cybersecurity 130

Cybersecurity Technology Marketing Healthcare 130

The Last Watchdog

MAY 15, 2021

These playbooks are then used to trigger automated responses to known threats, thus relieving a human analyst from having to manually filter vast tiers of threat data. At the tactical level, SOAR capabilities are steadily becoming more effective in direct correlation to the quality of threat intelligence being fed into them.

Technology 157

Technology Hacking CISO IoT 157

Anton on Security

MARCH 28, 2023

And please don’t say “because you are still SIEM-less” or “because you didn’t buy it in 2003, 2013, 2020, etc.” So let’s dive into this! Let’s start with this: why should anyone buy an SIEM tool in 2023? You are not taking aspirin because of low aspirin content in your blood (as my boss of many jobs ago used to say).

Threat Detection 100

Threat Detection Banking Technology Risk 100

Security Affairs

MARCH 1, 2022

Daxin is the most advanced backdoor in the arsenal of China-linked threat actors designed to avoid the detection of sophisticated defense systems. ?Symantec Symantec researchers discovered a highly sophisticated backdoor, named Daxin, which is being used by China-linked threat actors to avoid advanced threat detection capabilities.

Malware 101

Malware Telecommunications Government Manufacturing 101

eSecurity Planet

APRIL 23, 2021

SentinelOne is an advanced EDR tool that uses AI-powered threat detection and response. They recently launched a research division made up of security experts to help protect against evolving advanced threats. SentinelOne has raised $700 million in funding since being founded in 2013. About SentinelOne.

Threat Detection 59

Threat Detection Data collection IoT Malware 59

Security Boulevard

OCTOBER 20, 2022

Security data analytics talent shortage is still there, so if you have only a few people, they should use products, not build or maintain them (I used to joke around 2013 that the planet holds about 5 real security data scientists, two of whom are named Alex. Hi Alexes!). Move to cloud have not changed this and sometimes set the clock back.

Big data 72

Big data Threat Detection Software Technology 72

Security Boulevard

JUNE 23, 2022

Second, a hypothetical CDR tool will need to do its own threat detection, enable the analysts to triage alerts, support incident investigative workflows and probably do some response automation too. Related blog posts: “How to Think about Threat Detection in the Cloud”. Who Does What In Cloud Threat Detection?”.

Threat Detection 52

Threat Detection Marketing Technology 52

eSecurity Planet

MARCH 21, 2025

CrowdStrike consistently earns top rankings in MITRE ATT&CK and MSSP evaluations, validating its effectiveness in real-world threat detection. Founded: 2013 Annual Revenue: $0.5 Rapid7 Best for integrated vulnerability and threat management Headquarters: Boston, Massachusetts Founded: 2000 Annual Revenue: $0.8

Cybersecurity 71

Cybersecurity Firewall Marketing Encryption 71

eSecurity Planet

AUGUST 26, 2022

Whereas older solutions like antivirus, firewalls, and endpoint detection and response (EDR) have long focused on threats at the network perimeter, the intent of NDR is to monitor and act on malicious threats within organization networks using artificial intelligence (AI) and machine learning (ML) analysis.

Artificial Intelligence 116

Artificial Intelligence Network Security Firewall Malware 116

eSecurity Planet

JANUARY 26, 2022

Read more : Best Intrusion Detection and Prevention Systems for 2022. In 2022, the Arizona-based vendor specializes in network performance monitoring and threat analysis with its Observer platform. NDR goes beyond traditional EDR in monitoring, detecting, and responding to threats for internal networks. ManageEngine.

Marketing 122

Marketing DDOS Threat Detection DNS 122

Security Boulevard

MAY 5, 2023

Ultimately, this is where detection and response money is. A few booths actually had “TDIR” on them which stands for Threat Detection, Investigation and Response. Another lesson: CSPM may be “so 2013” but in 2023, most people seem to start their cloud security tool journey with the posture assessment, just as before.

Artificial Intelligence 78

Artificial Intelligence Threat Detection Marketing Cybersecurity 78

Security Boulevard

MARCH 28, 2023

And please don’t say “because you are still SIEM-less” or “because you didn’t buy it in 2003, 2013, 2020, etc.” So let’s dive into this! Let’s start with this: why should anyone buy an SIEM tool in 2023? You are not taking aspirin because of low aspirin content in your blood (as my boss of many jobs ago used to say).

Threat Detection 69

Threat Detection Banking Risk Technology 69

Security Boulevard

JUNE 10, 2022

are now joined by DDR (one vendor claimed “Data Detection and Response”) and ITDR (no, not for IT, silly: “Identity Threat Detection and Response”). RSA 2013 and Endpoint Agent Re-Emergence. XDR’s older brothers?—?EDR EDR and NDR?—?are I have not spotted CDR this time, but maybe I should have?—?more more on this below.

VPN 116

VPN Marketing Firewall Passwords 116

CyberSecurity Insiders

JANUARY 13, 2022

At Anomali, he will lead channel and partner strategy as demand for our precision threat detection and comprehensive response solutions increases rapidly across the world. Founded in 2013, Anomali serves public and private sector organizations, ISACs, MSSPs, and Global 1000 customers worldwide in every major industry.

Technology 52

Technology Artificial Intelligence Digital transformation Big data 52

eSecurity Planet

AUGUST 17, 2022

Launched in 2013, Exabeam’s Fusion platform combines SIEM and XDR capabilities to offer organizations an automated threat detection, investigation, and response (TDIR) solution. This year’s pick for the top Security Information and Event Management (SIEM) solution goes to the fast riser, Exabeam.

Cybersecurity 133

Cybersecurity Firewall Marketing Security Awareness 133

CyberSecurity Insiders

NOVEMBER 11, 2021

CVE-2013-3307. CVE-2013-5223. CVE-2018-10561, CVE-2018-10562. GPON home routers. Linksys X3000 1.0.03 CVE-2020-9377. D-Link DIR-610. CVE-2016-11021. D-Link DCS-930L devices before 2.12. CVE-2018-10088. XiongMai uc-httpd 1.0.0. CVE-2020-10173. Comtrend VR-3033 DE11-416SSG-C01_R02.A2pvI042j1.d26m. A2pvI042j1.d26m. CVE-2020-8958.

Malware 85

Malware IoT Firmware Authentication 85

CyberSecurity Insiders

JANUARY 10, 2022

We are helping customers correlate more than 190 trillion threats per second to optimize all their security solutions with a more refined and relevant response. Our differentiated platform delivers a new era in attack intelligence and response that can accelerate threat detection and effectively mitigate attacks to keep users and data safe.

Cybersecurity 52

Cybersecurity Big data Artificial Intelligence Engineering 52

eSecurity Planet

AUGUST 15, 2022

Company Product Est HQ Exabeam Exabeam Fusion 2013 Foster City, CA IBM Security QRadar SIEM 1911 Armonk, NY LogRhythm LogRhythm SIEM Platform 2003 Boulder, CO Securonix Next-Gen SIEM 2008 Addison, TX Splunk Splunk Enterprise Security 2003 San Francisco, CA. Advanced analytics to detect malicious activity via compliance and security contexts.

Software 116

Software Small Business Marketing Firewall 116

Centraleyes

FEBRUARY 8, 2024

The Origins of EDR The term “Endpoint Detection and Response” found its roots in the need for a comprehensive solution beyond traditional antivirus measures. Gartner introduced this category in 2013, recognizing the imperative for tools that could provide visibility into the often overlooked endpoints within a network.

Antivirus 52

Antivirus Cyber threats Malware Threat Detection 52

CyberSecurity Insiders

SEPTEMBER 3, 2021

is pleased to announce that one of its affiliates has invested in the Series D growth financing for Corelight (“Corelight” or the “Company”), a leading cyber-security platform focused on network detection and response (“NDR”). Founded in 2013 and based in San Francisco, Corelight is the industry’s first open NDR platform.

Healthcare 40

Healthcare Retail Technology Threat Detection 40

SecureList

DECEMBER 14, 2022

For instance, in late 2013 and January 2014, we observed higher-than-normal activity in Ukraine by the Turla APT group, as well as a spike in the number of BlackEnergy APT sightings. Inadvertently, this also affected the Intelsat communications system for days, proving that the risk of collateral damage during cyberwarfare is pretty high.

DDOS 145

DDOS Ransomware Government Energy and Utilities 145

eSecurity Planet

MAY 27, 2021

Intrusion detection and prevention system (IDPS): Cisco. Cisco’s acquisition of Sourcefire in 2013 brought to the networking giant the Firepower Next-Generation Intrusion Prevention System (NGIPS). IDPS: Intrusion Detection and Prevention Systems. MDR: Managed Detection and Response. Cisco Next-Gen IPS (NGIPS).

Network Security 118

Network Security Firewall Software Technology 118

eSecurity Planet

AUGUST 13, 2021

Cybersecurity product categories: Next-generation firewall , UEBA, cloud security, endpoint protection, threat detection and prevention , application framework. Founded: 2013. Cybersecurity product categories: AI, threat detection, incident response, IDPS. Headquarters: Santa Clara, California. Founded: 2005.

Cybersecurity 145

Cybersecurity Firewall Marketing Encryption 145

Responsible Cyber

JULY 13, 2024

In 2013, attackers used spear phishing emails with infected attachments to break into Target’s network, causing one of the biggest data breaches ever. By knowing about these methods—weak passwords, unpatched software, and social engineering—organizations can be more prepared for potential threats and make their defenses stronger.

Social Engineering 52

Social Engineering Firewall Passwords Education 52

Cisco Security

AUGUST 28, 2023

Secure Cloud Analytics in XDR, by Adi Sankar Secure Cloud Analytics (SCA) allows you to gain the visibility and continuous threat detection needed to secure your public cloud, private network and hybrid environment. Truly a unique situation and one in which we are grateful to participate.

Wireless 97

Wireless DNS Mobile Technology 97

IT Security Guru

AUGUST 9, 2023

Target Compromised Insider In a major upset that took years to resolve in court, retail leader Target experienced a massive data breach in late 2013. All of the above were significant incidents that impacted massive corporations, proving that nobody is safe from insider threats. In the end, it cost Cisco $1.4

Insurance 98

Insurance Data breaches Social Engineering Accountability 98