Anton on Security

DECEMBER 28, 2020

The debate focused on the role of context in threat detection. Specifically, it is about the role of local context (environment knowledge, organization context, site details, etc) in threat detection. Can threat detection work well without such local context? Now, some of you will say “yes, of course!”

Threat Detection 100

Threat Detection Malware Technology Engineering 100

Heimadal Security

JANUARY 27, 2023

Threat detection and response (TDR) is an increasingly important approach to security as organizations struggle to keep up with the growing number of cyberattacks. TDR combines several technologies and processes to detect, analyze, and respond to malicious activity on networks, devices, applications, and more.

Threat Detection 88

Threat Detection Technology 88

Security Boulevard

NOVEMBER 20, 2023

In Operational Technology (OT), where the physical world converges with the digital, the demand for vigilant attention to threat detection and response is of the greatest significance. This blog will help […] The post Complete Guide to OT Threat Detection and Response appeared first on Security Boulevard.

Threat Detection 80

Threat Detection Technology Cybersecurity 80

The Last Watchdog

OCTOBER 23, 2023

Splunk’s inability to migrate to a modern cloud-native architecture makes it difficult to take advantage of these cost-saving benefits or implement advanced data science use cases critical for threat detection. Impactful analysis A decoupled, purpose-built threat detection platform can work across distributed data lake architectures.

Architecture 261

Architecture Threat Detection Engineering Data collection 261

Anton on Security

SEPTEMBER 14, 2022

This blog / mini-paper is written jointly with Oliver Rochford. When we detect threats we expect to know what we are detecting. Some of us remember the early days of the network IDS intrusion detections systems were delivered without customers being able to see how the detections worked .

Threat Detection 244

Threat Detection CISO Accountability Ransomware 244

Security Boulevard

JULY 22, 2024

Emerging at the forefront of technological innovation, Generative AI is reshaping the landscape of cybersecurity defense with groundbreaking advancements. This blog delves into 5 Ways Generative AI is Revolutionizing Cybersecurity Defense and how we protect digital assets.

Cybersecurity 124

Cybersecurity Threat Detection Technology 124

Cisco Security

MARCH 9, 2022

Here, in part four of our five-part blog series , we’ll be focusing on that very question. People, processes, and technology: The cybersecurity trinity. First off, we need to puzzle out how we gain accurate threat detection. Had the Empire known of the threats the Rebels posed, they could have mounted a stronger defense.

Threat Detection 71

Threat Detection Technology Cybersecurity Data breaches 71

The Last Watchdog

MAY 16, 2022

One of the main culprits for these incredibly frustrating attacks has not so much to do with how a team functions or the protocols a company employs, but instead, it’s a procurement issue that results from supply-chain shortcomings and the hard-to-detect vulnerabilities layered into a particular device. Threat detection.

Cyber Attacks 273

Cyber Attacks Firmware Artificial Intelligence Manufacturing 273

Anton on Security

SEPTEMBER 3, 2021

I did tend to treat every technology that analyzes log files and perhaps other similar telemetry as a SIEM. Imagine this technology was never born (as SIM and SEM) back in the murky?—?but Anybody would be free to invent a technology to analyze security telemetry (logs, endpoint traces, traffic) and call it whatever they want.

Technology 214

Technology Threat Detection Marketing Cybersecurity 214

Anton on Security

MARCH 7, 2024

DR This is the blog where I really (briefly ) miss my analyst life and my “awesome+” peers like Augusto and Anna. And, yes, this blog was inspired by a hallways conversation at a conference that took place more than a year ago :-( So, the question: When and where do you need “<domain>DR” tool for its own technology domain?

Threat Detection 130

Threat Detection Technology IoT Marketing 130

The Last Watchdog

MARCH 31, 2022

Second, the design of security solutions struggled to scale up properly or adapt to the technological changes in the industry, especially in disaggregated compute networks. The good news is, artificial intelligence is here and is showing great promise to deliver what the market needs, that is, pre-emptive and proactive threat detection.

Artificial Intelligence 229

Artificial Intelligence Threat Detection Engineering Software 229

The Last Watchdog

MAY 25, 2022

All security technologies have their own alerting systems, requirements for patches and updates, integration needs, user nuances, policy management processes, access control, reporting, etc. One tool picking up prominence is Extended Detection and Response (XDR.). This is why cyber gangs tend to favor layered attacks.

Digital transformation 222

Digital transformation Threat Detection Cybersecurity Architecture 222

Anton on Security

OCTOBER 20, 2022

Why Your Security Data Lake Project Will … Well, Actually … Long story why but I decided to revisit my 2018 blog titled “Why Your Security Data Lake Project Will FAIL!” To remind, decoupled SIEM is where data storage technology (a security data lake, essentially) is built by one vendor while security brains are built by another.

Big data 202

Big data Threat Detection Software Technology 202

Security Boulevard

MAY 19, 2022

This is written jointly with Tim Peacock and will eventually appear on the GCP blog. In this post, we will share our views on a foundational framework for thinking about threat detection in public cloud computing. To start, let’s remind our audience what we mean by threat detection and detection and response.

Threat Detection 59

Threat Detection Technology Backups Data breaches 59

Anton on Security

APRIL 28, 2022

You can review my ideas on the topic in this blog series “Anton and The Great XDR Debate, Part 1” “Anton and The Great XDR Debate, Part 2” “Anton and The Great XDR Debate, Part 3.” For those who are of the opinion that XDR is merely an improved EDR, SIEM seems like a nice complementary technology that needs to be integrated with their tool.

Threat Detection 189

Threat Detection Technology VPN Architecture 189

Security Boulevard

APRIL 27, 2022

Traditional DPI-based network threat detection appliances will have a role to play in your technology stack for a while. The post Threat detection with network metadata vs. DPI appeared first on Netography. The post Threat detection with network metadata vs. DPI appeared first on Security Boulevard.

Threat Detection 52

Threat Detection Technology 52

CyberSecurity Insiders

NOVEMBER 15, 2021

A few months ago, I wrote a blog on “SASE as a Service” that described how managed services providers (MSPs) can be a catalyzing force for transforming to SASE and bridging the gap between networking and security teams. Managed Threat Detection & Response integration.

Threat Detection 131

Threat Detection Technology Engineering Cybersecurity 131

Security Boulevard

FEBRUARY 8, 2022

This post is a somewhat random exploration of the cloud shared responsibility model relationship to cloud threat detection. Funny enough, some popular shared responsibility model visuals don’t even include detection, response or security operations. Anton’s Cloud Threat Detection Table. Mildly embarrassing, that.

Threat Detection 52

Threat Detection Cloud Migration Technology Engineering 52

Jane Frankland

JANUARY 9, 2024

MDR providers offer an all-in-one solution for organisations that combines people, processes, and technologies to strengthen security measures and reduce risk exposure. They include monitoring for potential threats and incidents, responding to confirmed breaches, and providing support for incident investigation processes.

Threat Detection 147

Threat Detection Technology Marketing Artificial Intelligence 147

CSO Magazine

MARCH 2, 2022

Vectra AI: Threat detection and response vendor Vectra AI is offering a slate of free cybersecurity tools and services to organizations who believe they may be targeted by cyberattacks in the Ukraine-Russia conflict. Here is a list of the cybersecurity vendors currently known to be offering aid.

Threat Detection 134

Threat Detection Surveillance Technology Cybersecurity 134

The Last Watchdog

OCTOBER 5, 2023

Here is Erin’s Q&A column, which originally went live on OneRep’s well-done blog.) For the first expert interview on our blog, we welcomed Pulitzer-winning investigative reporter Byron V. Byron: I was initially drawn to cybersecurity as a USA TODAY technology reporter assigned to cover Microsoft.

Cyber threats 203

Cyber threats Cyber Insurance Cybersecurity Threat Detection 203

Security Boulevard

OCTOBER 12, 2022

The post 451 Research Finds Self-Learning Technology to Address Cybersecurity Blind Spots and Reduce Analyst Burnout appeared first on Security Boulevard.

Technology 98

Technology Cybersecurity Threat Detection Cyber threats 98

Jane Frankland

OCTOBER 31, 2023

However, new research from e2e-assure has revealed that few organisations are taking full advantage of security technologies available today. I’ve partnered with e2e-assure, a leading managed threat detection and response firm as I believe in their brand. To reassure them confidently that you have their organisation safeguarded.

CISO 147

CISO Threat Detection Cyber threats Cybercrime 147

Security Boulevard

DECEMBER 20, 2021

Sometimes great old blog posts are hard to find (especially on Medium ) , so I decided to do a periodic list blog with my favorite posts of the past quarter or so. This covers both Anton on Security and my posts from Google Cloud blog , and our Cloud Security Podcast too ( subscribe ). “Can Can We Have “Detection as Code”?”.

Threat Detection 52

Threat Detection Cloud Migration Encryption Engineering 52

Anton on Security

SEPTEMBER 21, 2023

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. Detection Engineering is Painful — and It Shouldn’t Be (Part 1) Contrary to what some may think, a detection and response (D&R) success is more about the processes and people than about the SIEM.

Engineering 221

Engineering Threat Detection Marketing Internet 221

Adam Levin

OCTOBER 13, 2020

Based on the data we see through Microsoft Office 365 Advanced Threat Detection, Trickbot has been the most prolific malware operation using COVID-19 themed lures,” said Burt. . It is primarily spread via file attachments in email campaigns and is often used to infect computers and networks with ransomware.

Threat Detection 161

Threat Detection Malware Banking Ransomware 161

Anton on Security

JULY 20, 2022

Let’s continue our fun conversation on threat detection in the cloud that we started in “Who Does What In Cloud Threat Detection?” and “How to Think about Threat Detection in the Cloud” and continued somewhat in “Detection as Code? No, Detection as COOKING!” or even goodness in detection.

Threat Detection 100

Threat Detection Cloud Migration Engineering Technology 100

Cisco Security

NOVEMBER 14, 2022

In the second part of this blog series on Unscrambling Cybersecurity Acronyms , we covered Endpoint Detection and Response (EDR) and Managed Endpoint Detection and Response (MEDR) solutions, which included an overview of the evolution of endpoint security solutions. What are Managed Detection and Response (MDR) solutions? .

Cybersecurity 128

Cybersecurity Threat Detection Technology Risk 128

The Last Watchdog

APRIL 5, 2021

We live in a time where technology is advancing rapidly, and digital acceleration is propelling development teams to create web applications at an increasingly faster rhythm. These technologies help check the source code for vulnerabilities that could be exploited by attackers in a production environment. Plain sight gaps.

Technology 164

Technology Threat Detection Mobile Marketing 164

CyberSecurity Insiders

SEPTEMBER 22, 2021

In the world of threat detection and response, alert fatigue and tool sprawl are real problems. Analysts need better visibility and control, more context, and better use of automation so they can cut through the noise and respond to threats faster and more effectively. Is it the evolution of endpoint detection and response?

Threat Detection 106

Threat Detection Technology Big data Cybersecurity 106

Anton on Security

NOVEMBER 6, 2023

In my mind, “Decoupled SIEM” is a way to deliver Security Information and Event Management (SIEM) technology where the data management (a) and threat analysis (b) are provided by different vendors. So, the topic is so-called “decoupled SIEM” (I probably made up the term, but …hey… at least this is not an acronym like EDR so YMMV).

Engineering 245

Engineering Data collection Threat Detection Technology 245

CyberSecurity Insiders

FEBRUARY 1, 2022

This blog was written by an independent guest blogger. Quantum computing focuses on developing computer technology based on principles that describe how particles and energy react at the atomic and subatomic levels. But, often, new technology rolls out before all of the kinks have been discovered and resolved. Wrapping up.

Risk 134

Risk Social Engineering Threat Detection Encryption 134

Cisco Security

DECEMBER 7, 2021

Cybersecurity teams must always up-level their own technology and strategies but, with limited time and resources, may find themselves asking questions like: Should I request funds for this initiative? What about insourcing or outsourcing threat management? . And as those blogs become available, they’ll be linked below.

Threat Detection 106

Threat Detection Technology Cybersecurity CISO 106

Security Boulevard

JULY 20, 2022

Let’s continue our fun conversation on threat detection in the cloud that we started in “Who Does What In Cloud Threat Detection?” and “How to Think about Threat Detection in the Cloud” and continued somewhat in “Detection as Code? No, Detection as COOKING!” or even goodness in detection.

Threat Detection 98

Threat Detection Cloud Migration Engineering Technology 98

The Last Watchdog

DECEMBER 26, 2018

This is a type of security monitoring that focuses on users rather than threats, and utilises machine learning, algorithms and statistical analysis to help gain insight into what users on a system are doing, such as their login behavior and which files they are accessing. SIEMs vs. UEBAs. Tapping professionals. Patience, persistence required.

Penetration Testing 173

Penetration Testing Technology Software Antivirus 173

Thales Cloud Protection & Licensing

FEBRUARY 4, 2020

The traditional focus on security has been on breach prevention and threat detection but these can only go so far. According to Domo CEO Josh James’ recent blog post “By 2020, there will be 40x more bytes of data than there are stars in the observable universe.”. Data, data and more data! We’d love to hear from you.

Digital transformation 135

Digital transformation Data breaches Threat Reports Encryption 135

Webroot

JUNE 2, 2022

MDR is an approach to proactively manage threats and malicious activity that empowers organizations to become more cyber resilient. MDR services offer threat detection and response capabilities by augmenting cybersecurity tools with human security intelligence. What is MDR? Tune into our latest webinar. Learn More.

Threat Detection 107

Threat Detection Cyber Insurance Small Business Insurance 107